The Open University 


M381 Number Theory and 
Mathematical Logic 


Formal Proof 


ail 


i Vr Vy EY) ya) 


wa 


The Open University 


M381 Number Theory and 
Mathematical Logic 


Mathematical Logic Unit 5 


Formal Proof 


Prepared by the Course Team 


The M381 Mathematical Logic Course Team 


The Mathematical Logic half of the course was produced by the following team: 


Roberta Cheriyan Course Manager 

Derek Goldrei Course Team Chair and Academic Editor 
Jeremy Gray History Consultant 

Mary Jones Critical Reader 

Roger Lowry Publishing Editor 

Alan Pears Author 

Alan Slomson Author 

Frances Williams Critical Reader 


with valuable assistance from: 


The Maths Production Unit, Learning & Teaching Solutions: 
Becky Browne, Jim Campbell, Nicky Kempton, Bill Norman, Sharon Powell, Katie Sayce, Penny Tee 


Alison Cadle TEX Consultant 
Michael Goldrei Cover Design Consultant 
Vicki McCulloch Cover Designer 

The external assessor was: 


Jeff Paris Professor of Pure Mathematics, University of Manchester 


The Course Team would like to acknowledge their reliance on the previous work of 


Alan Slomson and of Alex Wilkie, Professor of Mathematical Logic, University of 
Oxford. 


This publication forms part of an Open University course. Details of this and other Open University 
courses can be obtained from the Student Registration and Enquiry Service, The Open University, PO 
Box 197, Milton Keynes, MK7 6BJ, United Kingdom: tel. +44 (0)870 300 6090, e-mail 
general-enquiries@open.ac.uk 


Alternatively, you may visit the Open University website at http://www-.open.ac.uk where you can 
learn more about the wide range of courses and packs offered at all levels by The Open University. 


To purchase a selection of Open University course materials, visit http://www-.ouw.co.uk, or contact 
Open University Worldwide, Michael Young Building, Walton Hall, Milton Keynes, MK7 6AA, United 
Kingdom, for a brochure: tel. +44 (0)1908 858793, fax +44 (0)1908 858787, e-mail 
ouw-customer-services@open.ac.uk 


The Open University, Walton Hall, Milton Keynes, MK7 6AA. 
First published 2004. Reprinted as new edition 2007, with corrections. 
Copyright © 2004 The Open University 


All rights reserved; no part of this publication may be reproduced, stored in a retrieval system, 
transmitted or utilised in any form or by any means, electronic, mechanical, photocopying, 
recording or otherwise, without written permission from the publisher or a licence from the 
Copyright Licensing Agency Ltd. Details of such licences (for reprographic reproduction) may be 
obtained from the Copyright Licensing Agency Ltd, Saffron House, 6-10 Kirby Street, London 
ECIN 8TS; website http://www.cla.co.uk. 


Open University course materials may also be made available in electronic formats for use by 
students of the University. All rights, including copyright and related rights and database rights, in 
electronic course materials and their contents are owned by or licensed to The Open University, or 
otherwise used by The Open University as permitted by applicable law. 


In using electronic course materials and their contents you agree that your use will be solely for the 
purposes of following an Open University course of study or otherwise as licensed by The Open 
University or its assigns. 


Except as permitted above you undertake not to copy, store in any medium (including electronic 
storage or use in a website), distribute, transmit or re-transmit, broadcast, modify or show in public 
such electronic materials in whole or in part without the prior written consent of The Open 
University or in accordance with the Copyright, Designs and Patents Act 1988. 


Edited, designed and typeset by The Open University, using the Open University TẸX System. 
Printed in the United Kingdom by Charlesworth Press, Wakefield 

ISBN 978 0 7492 2271 0 

3.1 


CONTENTS 


Introduction 


1 First Steps 
1.1 Mathematical proof 
1.2 Three rules of proof 


2 Quantifier Logic: The Universal Quantifier 
2.1 Free and bound variables 
2.2 The Universal Quantifier Elimination Rule 
2.3 The Universal Quantifier Introduction Rule 


3 Quantifier Logic: The Existential Quantifier 
3.1 The Existential Quantifier Introduction Rule 
3.2 The Existential Hypothesis Rule 


Summary 

Objectives 

Additional Exercises 

Solutions to the Problems 
Solutions to Additional Exercises 


Index 


ork A 


16 
16 
20 
24 


28 
28 
30 


35 
36 
37 
40 
45 
50 


INTRODUCTION 


In Unit 4 we described the formal language we shall be using in the 
remainder of the course. We also introduced the idea of an interpretation. 
Now we introduce the notion of a formal proof of a formula of our formal 


language. We want to specify when we can derive or prove a given formula We shall often call a proof within 
from other formulas used as assumptions. our formal system a derivation and 

use the word derive to describe the 
A formal proof of a formula w from formulas ¢), ¢,...,@;, used as process of giving such a proof. 


assumptions is a list of formulas constructed as follows. We begin by listing 
the formulas ġ1, Qə.. ., p- We describe nine logical rules of proof that tell 
us which other formulas we can add to the list. For example, one rule, called 
the Tautology Rule, tells us that if a formula @ is a tautological consequence 
of formulas already in the list, then 0 may be added to the list. If we can 
produce a list of formulas constructed from the assumptions using the rules 
and which ends with the formula Y, then we have derived w from 


21,92 +++> Pk 


An obvious requirement for formal proofs is that they should be logically 
valid, in the sense made precise in Subsection 3.3 of Unit 4: if we derive a 
formula ~ from formulas ¢,,¢5...,,, then w should be a logical 
consequence of ¢,,¢5...,¢,; that is, we require that ~ should be true in 
every interpretation in which all of the formulas ¢,,¢....,¢; are true. A 
second requirement is that there should be an algorithm for deciding 
whether a given list of formulas is a formal proof, so that this can be 
checked by a machine. 


In this unit, we introduce seven of the rules of proof. We shall complete the 
list of the logical rules of our formal system and start looking at how to use 
it to prove statements about number theory in Unit 6. 


1 FIRST STEPS 


We shall begin this section by examining an informal proof from everyday 
mathematics to see the way in which it might be formalized. Then we shall 
introduce our first three rules of proof. 


1.1 Mathematical proof 


In the Introduction to Unit 4 we remarked that, whereas in everyday 
mathematics we do not state explicitly which logical principles we are using, 
in a formal system the rules that can be used in carrying out deductions are 
stated explicitly. Before we describe, in this unit and the next, the rules that 
we are going to allow, we need to think about the nature of an informal 
mathematical proof. Our intention is that our precisely defined notion of 
formal proof should correspond as closely as possible to the informal notion 
used by mathematicians. 


Since the informal notion is not absolutely precise, we cannot hope to give 
an exact definition, but we feel that there would not be too much 
disagreement with the following description. 


A mathematical proof is a finite sequence of mathematical assertions We shall sometimes use ‘valid’ as 
which forms a valid and convincing argument for the desired conclusion shorthand for ‘logically valid’. 
from stated assumptions. 


In this description ‘finite sequence’ means that the finitely many assertions 
are in some definite order, with a beginning and an end. ‘Valid’ means that 
the conclusion does really follow from the stated assumptions, that is, the 
conclusion is a logical consequence of the assumptions. It is because proofs 
are valid arguments that, when we have proved something, we know it is 
true, given that the assumptions are true. 


The validity of an argument is a matter of logical fact; in contrast, 
‘convincing’ is a psychological notion. From our point of view this is 
unsatisfactory. We want it to be a matter of objective fact that a sequence 
of assertions counts as a formal proof. Each step should be checkable by 
another mathematician working in a mechanical way. Indeed, we require 
that there is an algorithm to decide whether or not a sequence of formulas 
satisfies the requirements of being a formal proof, so that it can be checked 
by a machine. 


As we want formal proofs to correspond to the proofs we use in everyday 
mathematics, let us look at such a proof to see how it can be reorganized to 
bring out its logical structure. The example we have chosen comes from the 
beginnings of number theory. 


Theorem 


If the square of a natural number is even, then the number itself is even. 


Proof 


Assume n? is even. Next assume that n is odd. Then, by definition, there is 
a natural number k such that n = 2k + 1. Hence n? = (2k + 1)?. But 

(2k + 1)? = 4k? + 4k +1 = 2(2k? + 2k) +1, so n? = 2(2k? + 2k) +1. This 
shows that n? is odd, so is not even, contradicting our initial assumption. 
Hence n cannot be odd, so n is even. E 


The above is a perfectly good and correct everyday proof. It is not, however, 
in the best form for a machine to check that it is indeed correct. Apart from 
not being written in a formal language, the proof leaves unsaid much of the 
justification of the steps that it uses. For instance, when we write 

‘n? = (2k + 1)?. But (2k + 1)? = 4k? + 4k +1 = 2(2k? + 2k) + 1, so 

n? = 2(2k? + 2k) + 1’, we are assuming familiarity with the rule that allows 
us to deduce that a = c from the equations a = b and b = c between natural 
numbers a, b and c. Of course, in everyday mathematics it is perfectly 
reasonable to assume that a reader will take this for granted. A machine, 
however, cannot take it for granted; a machine needs the rule and the use of 
the rule to be spelled out. 


Thus, as a first step towards our description of a formal proof, let us rewrite 

the proof above in a different format. First, we shall use a separate line for 

each assertion made in the argument, for convenience changing the words in 

places. Second, we shall give each line a number corresponding to the This is, of course, quite common 
position of the line in the sequence of assertions. Next, to the right of each practice in mathematics, for 
assertion we shall write down the justification for that assertion and, as this | Stance when one wishes to refer 
ree f ; A 7 : > 2 $ to important equations. 
justification will often be in terms of earlier assertions, the line numbering is 

particularly useful here. Our rewritten proof is as follows. 


Second version of the proof 


Line number Assertion 


(1) 
(2) 


n? is even 


n is odd 


For some number k, 


Justification 
Assumption 
Assumption 


From 2 using the 


n=2k+1 definition of ‘odd’ 
(4) n? = (2k+1)? From 3 
(5) (2k + 1)? = 4k? + 4k +1 Algebraic 
(6) Ak? + 4k + 1 = 2(2k? + 2k) +1 manipulations 
(7) (2k + 1)? = 2(2k? + 2k) +1 From 5 and 6 
(8) n? = 2(2k? + 2k) + 1 From 4 and 7 
(9) For some number J, From 8 putting 
n?=2I+1 l = 2k? + 2k 
(10) n? is odd From 9, by the 
definition of ‘odd’ 
(11) n? is odd and n? is even From 10 and 1 
(12) n is not odd From 11, using 
‘proof by contradiction’ 
(13) n is even From 12 
(14) n? is even implies n is even 13 has been deduced 
from 1 


The way that this layout separates the assertions from their justifications, 
that is, the rules used to arrive at the assertions from previous ones, is a 
feature that we shall build into our idea of a formal proof. A formal proof 
will consist of a sequence of assertions, each of which is accompanied by a 
reference to the rule by which it was derived from previous assertions. 


It seems that in our informal proof we are using a large number of different 
rules for deriving assertions. We shall see in this unit and Unit 6 that, for 
formal proofs, we can get by with just nine rules. Before we start looking at 
these rules there is one simple, but important, refinement that we make to 
the format of our proof. 


Most proofs, formal and informal, contain assertions that are, in fact, 
assumptions, such as lines 1 and 2 in the proof above. Various conclusions 
are drawn from these assumptions. For example, at line 10 we have 
concluded from the assumption that ‘n is odd’ that ‘n? is odd’, which has 
led us in line 11 to conclude from the assumption that ‘n? is even’ that ‘n? is 
odd and n? is even’, giving us a contradiction. We concluded that it cannot 
be the case that both initial assumptions are simultaneously true. It was 
relatively easy to see in this proof that both initial assumptions were used in 
deriving the contradictory assertion at line 11, which in turn enabled us to 
conclude that both assumptions cannot hold simultaneously. In other proofs 
it may not be so easy, and yet it is important to know which assumptions 
are implicit in any given assertion. To this end, it is going to be very helpful 
to keep a record, on each line of the proof, of which assumptions have been 
used in deriving the assertion on that line. 


Keeping track of which assumptions have been used to derive the assertion 
on a particular line is not too difficult. For example, if in the above proof we 
look at the justification for line 8, we see this line has been deduced from 
lines 4 and 7. Now line 4 follows from line 3 which, in turn, has been 
deduced from the assumption on line 2, which depends on nothing earlier in 
the proof. Also line 7 follows from lines 5 and 6, which are justified by 
simple algebraic properties of the natural numbers (such as the distributive 
law, the commutative law and so on). Let us write AP for the algebraic 


properties used here; they are not really our main concern at this stage, 
although in a deeper analysis of this proof one would have to investigate 
exactly which of these properties are being used. Thus we see that the 
assertion on line 8 depends ultimately on the assumption on line 2 and AP. 
We usually express this by saying that the assumptions in force on line 8 are 
line 2 and AP, or that line 8 depends on the assumptions 2 and AP. We are 
going to indicate this by writing ‘2, AP’ to the left of the line number. If we 
indicate the assumptions in force on each line in this way, we obtain the 
following version of our proof. 


Third version of the proof 


Assumptions Line number Assertion Justification 
1 (1) n? is even Assumption 
2 (2) n is odd Assumption 
2 (3) For some number k, From 2 using the 
n=2k+1 definition of ‘odd’ 
2 (4) n? = (2k+1)? From 3 
AP (5) (2k +1)? = 4k? + 4k +1 Algebraic 
AP (6) Ak? + 4k + 1 = 2(2k? + 2k) +1 manipulations 
AP (7) (2k +1)? = 2(2k? + 2k) +1 From 5 and 6 
2, AP (8) n? = 2(2k? + 2k) +1 From 4 and 7 
2, AP (9) For some number l, From 8 putting 
n = 2141 | = 2k? + 2k 
ZAP (10) n? is odd From 9, by the 
definition of ‘odd’ 
1,2, AP (11) n? is odd and n? is even From 10 and 1 
1, AP (12) n is not odd From 11 using 
‘proof by contradiction’ 
1, AP (13) n is even From 12 
AP (14) n? is even implies n is even 13 has been deduced 
from 1 


We have written the number 1 at the extreme left of line 1 because the 
assertion ‘n? is even’ is an assumption and so naturally the assumption in 
force on line 1 is just the assertion that occurs there. Similarly the 
assumption in force on line 2 is just the assertion on this line. To find the 
assumptions in force on line 3, we look at the justification for this line. We 
see that line 3 follows from line 2 and so depends on the same assumptions 
as line 2. So we write the number 2 to the left of line 3. Similarly line 4 
follows from line 3, and so depends on the same assumptions that line 3 
depends on. Since the only assumption in force on line 3 is the one on line 2, 
we write the number 2 to the left of line 4. 


We carry on in this way, keeping track of the assumptions in force on each 
line. We leave it to you to verify that the details written to the left of lines 5 
to 10 correspond to the assumptions in force on those lines. 


When it comes to line 11, we see that this line follows from lines 10 and 1. 
So the assumptions in force on this line are all those in force on line 10, 
namely 2, AP, together with the assumption in force on line 1, namely 1. 
Thus we have written 1,2, AP to the left of the line 11 to indicate that these 
are the assumptions in force on that line. Now, what have we proved at this 
stage of the argument? Our analysis reveals, on line 11, that the 
assumptions 1, 2, AP lead to a contradictory statement, namely ‘n? is odd 
and n? is even’. Hence not all these assumptions can be true simultaneously. 
So if the assertion on line 1 and AP are assumed to be true, then it follows 
that the assertion on line 2 must be false, so that n cannot be odd. This is 


precisely what we have indicated on line 12, where we specify that the 
assertion ‘n is not odd’ can be deduced from the assumptions 1, AP. 


The proof is essentially complete on line 13 since this line states that, 
assuming AP, the assertion ‘n is even’ follows from the assertion on line 1, 
namely that ‘n? is even’. However, it is neater to have the actual statement 
of the theorem we are proving as the last line of the proof. So we 
incorporate assumption 1 into the assertion on line 14, leaving AP as the 
only assumptions in force on this line. 


The last three lines in the third version of the proof illustrate the advantages 
of keeping track of the assumptions in force on each line. A casual glance at 
line 13 in the second version of the proof might suggest that we have proved 
the assertion ‘n is even’ without any restriction. This would be strange as 
natural numbers are not all even. However, the analysis in the third version 
brings out the fact that we have only proved ‘n is even’ assuming that ‘n? is 
even’, and this is made perfectly clear in line 13 of the third version. Also, 
as AP remains to the left of line 14, we have revealed that, not surprisingly, 
some algebraic properties of the natural numbers have been used in the 
proof. 


Note that some steps in the argument add to the number of assumptions in 
force, for example those on lines 8 and 11, whereas others reduce the number 
of assumptions, for example those on lines 12 and 14. 


The third version of our proof is still essentially informal. Nevertheless our 
notion of formal proof will copy its layout, so that a formal proof will 
consist of a finite table with columns for: 


Assumptions Line number Assertion Justification 


An assertion in a formal proof will be simply a formula of the formal 
language, as defined in Unit 4. The justification will consist of a reference to 
the use of one of the nine rules of proof that we shall define and, in most 
cases, to the earlier line or lines of the proof to which the rule has been 
applied. The rules will specify which formulas may be derived, and hence 
written in the assertion column, and which assumptions are in force on the 
new line. The last line of a formal proof will contain the assertion, or result, 
that has been formally proved from the assumptions in force on that line. 


In the rest of this unit and in Unit 6 we shall look at the rules that can be 
used in a formal proof, and at how we make use of them. 


1.2 Three rules of proof 


When we come to choose which rules of proof to allow, we must bear in 
mind that it is an absolute requirement that formal proofs should be 
logically valid and that they can be checked by a machine. Before we discuss 
logical validity and machine checkability, however, we need to consider a 
practical matter. 


Practical considerations pull us in two directions. When it comes to giving 
formal proofs, we would like our formal system to be very powerful with lots 
of rules, so that formal proofs are easy to construct and so that a formal 
proof exists whenever we can reasonably expect this. From this point of 
view the only constraints are those of logical validity and machine 
checkability mentioned above. However, when it comes to studying a formal 
system, as an object of mathematical enquiry, it is desirable that the formal 
system should be as simple as possible, with a small number of rules. In this 
course we have chosen to use a formal system with rather a small number of 
rules, but which is sufficiently powerful for formal proofs of formulas to exist 
whenever this is not ruled out by the requirement of logical validity. 


We shall not include the column 
headings when writing down a 
formal proof. 


We encountered a similar dilemma 
when choosing the basic symbols of 
our formal system in Unit 4 
(Subsection 1.1). 


We now need to explain exactly what the requirement of logical validity 
means. As we have noted, a formal proof establishes the claim that a certain 
formula can be deduced from a set of formulas used as assumptions. The 
requirement of logical validity is that, whenever we have a formal proof of a 


formula 7 from a set of assumptions $1, @5,...,;, then ~ must be a logical 
consequence of these assumptions. You should recall that this means that y See Unit 4, Definition 3.4. 
is true in every interpretation in which ¢,, ¢5,...,@, are true. We shall 


ensure that formal proofs are logically valid by ensuring that each individual 
rule we introduce preserves logical validity, so that each step within a proof 
preserves logical validity. 


We now come to our second requirement, that of machine checkability. We 
incorporate this requirement into our formal system by designing each of the 
rules of proof in such a way that there is an algorithm that can check 
whether a purported use of the rule is a correct application of it. 


We are now ready to introduce our first rule of proof. It corresponds to the 
one used on lines 1 and 2 of the informal proof given in Subsection 1.1, that 
is the rule which corresponds to making an assumption. For this reason it is 
called the Assumption Rule. 


Definition 1.1 Assumption Rule (Ass) 


Any formula may be introduced on a line of a formal proof. The only 
assumption in force on this line is the formula itself. 


We write Ass in the Justification column of a formal proof to indicate that 
the Assumption Rule has been used. Thus a line on which this rule is used 
will have the following form. 


Assumptions Line number Assertion Justification 


k (k) o Ass 


Note that the assumption number is the same as the line number. This is 
because, as specified by the rule, the only assumption in force on a line 
where the Assumption Rule is used is the formula introduced as an 
assumption on that line. 


You may think that the Assumption Rule is rather trivial. It is a very 
simple rule, but it should not be undervalued. We used it twice in our 
informal proof. We shall subsequently see that, without this rule, most 
formal proofs would not get off the ground. In most cases the first line of a 
formal proof will consist of an application of this rule. 


It is easily seen that the Assumption Rule meets the requirements of logical 
validity and machine checkability. When we use the rule, a formula ¢ is 
derived from the assumption ¢. It is trivially true that a formula ¢ is a 
logical consequence of ¢. So the rule is logically valid. It is also clear that 
there is an algorithm to check whether a line in a formal proof has the 
correct form for a use of this rule, as set out above. 


The next rule that we introduce is more powerful. We first specify the rule, 
then we give an example of its use, after which we explain why it satisfies 
our two requirements, namely logical validity and machine checkability. 


You will need to recall the definition of tautological consequence, namely See Unit 4, Definition 3.5. 
that the formula 4% is a tautological consequence of the formulas 
01, O2,- - -, Ok if the formula 


((-- + ((b1 & bg) & $3) ++» & pr) > Y) 


is a tautology. 


Definition 1.2 Tautology Rule (Taut) 


If the formulas ¢,,¢5,...,¢, occur on certain lines of a formal proof 
and the formula w is a tautological consequence of $1, ¢9,...,@,, then 
on any subsequent line we may introduce the formula w, which will 
depend on all the assumptions in force on the lines on which the 
formulas $1, @o,...,, occur. 


When we use the Tautology Rule we indicate this in the Justification 
column by writing Taut followed by the numbers of the lines on which the 
formulas $1, do,...,, occur. 


Here is an example to illustrate the use of this rule. 


Example 1.1 


1 (1) (Ax(x+y)=0-y=0') Ass 
2 (2) (Ar(x+y)=OVVzy=z) Ass 
Ti Diee(3) oa — OV Vz — 2) Taut: 12 
The annotation on the right of line 3 indicates that we have derived this line 
using the Tautology Rule from the formulas on lines 1 and 2. Thus the 


assumptions in force on line 3 are all those in force on lines 1 and 2, namely 
1 and 2. This is indicated by the annotation 1,2 on the left of line 3. 


For this to be a correct use of the Tautology Rule, we need the formula 


(ae (z +y) = 0 > y =0') & (Ax (£ +y) = 0 V Yzy = 2)) > (y=0' V Yzy = 2) 


to be a tautology. We have already seen, in Unit 4, Problem 3.2(b), that this 
formula is a tautology. So the table above is a correct formal proof. It is a 
formal proof of the formula on line 3 from the assumptions in force on this 
line, namely the formulas on lines 1 and 2. & 


Now we check that the Tautology Rule meets our requirement of logical 
validity. We need to show that if a formal proof is valid up to the point at 
which we make use of this rule, then it remains valid to derive the formula 
from the formulas ¢,,5,...,,; which occur on specified earlier lines of the 
proof, on which the sets of assumptions in force are Aj, Ao,..., Ax 
respectively. The supposition that the proof is valid at this point means 
that, for 1 < i < k, the formula ¢; is a logical consequence of the set of 
formulas Aj. 


When we apply the Tautology Rule to derive the formula w, the set of 
assumptions in force will be all those in the sets A1, Ag,..., Ag. That is, the 
set of assumptions is A where 


A =A;,UA2U-:-UAg. 


We show that the formal proof is still valid by showing that, in this 
situation, % is a logical consequence of the set of formulas A. We thus need 
to show that if we have an interpretation in which all the formulas in A are 
true, then ~ is also true in this interpretation. 


So suppose that we have an interpretation in which all the formulas in A are 
true. Then, for 1 <i < k, all the formulas in A; are true, and hence, as ¢; is 
a logical consequence of A;, ¢; is also true in this interpretation. Thus each 
of the formulas ¢,, ¢5,...,¢, is true. As we have used the Tautology Rule to 
derive w, w is a tautological consequence of ¢),¢5,...,¢,. Hence, by 
Theorem 3.1 of Unit 4, it is a logical consequence of these formulas. It 
follows that ~ is also true in the given interpretation. 


This completes the proof that ~ is a logical consequence of A. In this way 
we have shown that the Tautology Rule is logically valid. 


10 


A is the Greek letter ‘capital delta’. 


A use of the Tautology Rule is valid if and only if the relevant formula 

((--- ((¢, & p2) & b3)--- & Øk) > Y) is a tautology. We saw in Unit 4 that 
there is an algorithmic method based on truth tables for determining 
whether or not a formula is a tautology. Thus the Tautology Rule also meets 
our requirement of machine checkability. 


The Tautology Rule is quite powerful. It encompasses in a single rule almost In many standard treatments of 
all deductions whose logical validity arises from the meanings of the logic the Tautology Rule is 
connectives. We made use of an informal version of the Tautology Rule in replaced by a number of different 


3 x £ F x 1 li tely with each 
the informal proof which we gave in Subsection 1.1. Consider the step made A a R ses 


at line 11. If we use ¢, to represent ‘n? is odd’ and @, to represent ‘n? is their advantages and 
even’ then we see that this step amounts to deducing the formula (¢, & 2) disadvantages. One major 
from the formulas ¢,, >. Since, as you can easily check, the formula advantage of using the Tautology 


Rule is that it generally makes 


((ġ1 & $2) > (1 & $2)) is a tautology, this step corresponds to a use of the Snare siete 


Tautology Rule. 


The next rule that we introduce also corresponds to a step in the informal 
proof we have just been discussing. This is the step at line 14, where we 
incorporated an assumption into the assertion by using the word ‘implies’. 
Since it is the symbol — that corresponds to ‘implies’, we formulate our 
third rule, called the Conditional Proof Rule, as follows. 


Definition 1.3 Conditional Proof Rule (CP) 


If the formula ~ occurs on a line of a formal proof and the formula ¢ 
occurs among the assumptions in force on that line, then on any 
subsequent line we may introduce the formula (¢ — w), which will 
depend on all the assumptions other than ¢ which are in force on the 
line on which the formula ~w occurs. 


When we use this rule we indicate this in the Justification column by writing 
CP followed by the number of the line on which the formula w occurs. 


Here is an example to illustrate the use of this rule. 


Example 1.2 
We give a formal proof of the formula 


(t=y— (t@=yVy=0)) 
depending on no assumptions at all. 
I AUD). Seay, Ass 
E 2) an (Go — Ney) Taut, 1 
(3) (c=y>(t=yVy=0)) CP,2 


The use of the Tautology Rule on line 2 is justified as the formula 
(x =y > (x = y V y = 0)) is a tautology, as you can easily check. 


The use of the Conditional Proof Rule on line 3 is justified as follows. On 
line 2 we have the formula (x = y V y = 0) and the formula x = y is in force 
as an assumption on this line. The Conditional Proof rule tells us that we 
can introduce the formula (x = y > (x = y V y = 0)) and that this depends 
on all the assumptions on which (x = y V y = 0) depends other than the 
formula x = y. But there are no assumptions on which (x = y V y = 0) 
depends, on line 2, other than x = y. So the formula on line 3 does not 
depend on any assumptions at all. We indicate this by not writing anything 
in the Assumptions column on the left of line 3. On the right of this line we 
write CP, 2 in the Justification column to indicate that line 3 has been 
obtained by applying the Conditional Proof Rule to line 2. 4 


11 


As with the other rules, we need to check the logical validity of the 
Conditional Proof Rule. Suppose that we have a formal proof which is valid 
to the point at which we make use of this rule, and that we apply this rule 
to derive the formula (¢ — w) from an earlier line on which w has been 
derived from a set of assumptions, ¢, ¢,,¢5,...,¢, say, which includes ¢. 
Our supposition that the proof so far is valid means that w is a logical 
consequence of $, $1, 2,- --, p. When we use the Conditional Proof Rule 
we derive the formula (¢ — ~) from the set of assumptions ¢,, $o,..., Py. 
Thus to show that the proof is still valid we need to show that (¢ — w) is a 
logical consequence of $1, ¢9,..., Pz: 


To this end we consider an interpretation in which all the formulas 

1, 2,---,, are true. In this interpretation the formula ¢ is either true or 
false. We show that in either case the formula (¢ — ~) is true. If ¢ is false 
in this interpretation, then it follows immediately from the truth table for — 
that (¢ — w) is true. If ¢ is true then in this interpretation all the formulas 
$, $1,2,- --, Op are true. Then it follows immediately from our supposition 
that ~ is a logical consequence of ¢, $1, $2,- --,Ọp that ~ is true. Hence, 
using the truth table for —, the formula (¢ — w) is true. Thus in either case 
(¢ — y) is true. It follows that this formula is a logical consequence of 

1; 2,- --, Ok, and hence that the Conditional Proof Rule is logically valid. 


It is equally easy to see that the Conditional Proof Rule meets our machine 
checkability requirement. Suppose that this rule has been used on a certain 
line. To check that a correct use of the rule has been made, two things need 
to be checked. First, the formula that has been derived must have the form 
(¢ — Y) where w is the formula which occurs on the earlier line referred to 
in the justification and where ¢ is one of the assumptions in force on this 
line. Second, the assumptions which are listed as being in force on the line 
on which (¢ — y) occurs must be precisely the assumptions on the earlier 
line other than ¢. It should be evident that both checks can be carried out 
algorithmically. 


You should note that whenever we use the Conditional Proof Rule one 
assumption formula is removed. Since in most formal proofs the Assumption 
Rule will be used to introduce assumptions, it is useful also to have a rule 
which allows assumptions to be eliminated. 


Schematic proofs 


Look back at the formal proofs given in Examples 1.1 and 1.2. The validity 
of each proof depends on the meanings given to the connectives used in the 
formulas in these proofs. These connectives are used to build up formulas 
from subformulas which do not contain any connectives. In order to give 
explicit examples we had to specify the details of these subformulas, but the 
validity of these proofs does not depend on these details in any way. 


12 


For example, in Example 1.2 we noted that the formula 

(x =y — (x = y V y = 0)) is a tautology. We can show this by letting @ and 
x represent x = y and y = 0 respectively, so that the formula becomes 

(0 — (0 V x)), and then drawing up a truth table for this formula. However, 
the formula (0 — (0 V x)) is a tautology whatever formulas are substituted 
for 6 and x. This means that the following is a valid formal proof whatever 
formulas 0 and x happen to be. 


Ee (eh), Eo Ass 
Ly (Vx) Taut, 1 
(3) (@— (8Vx)) CP,2 
We get the proof of Example 1.2 when @ is the formula x = y and x is the 


formula y = 0. If we make a different choice for 0 and x we obtain a 
different formal proof, as in the next example. 


Example 1.3 
lee) ee sie co = 0. Ass 
1 (2) (Arx=0' VV2 (r+ 0) = 2) Taut, 1 


(3) (ava =0' > (Axx =0' VVrz(x+0)=2)) CP,2 


This formal proof has been obtained by substituting in the table above the 
formula Jx x = 0’ for 6 and the formula Yz (x + 0) = = for x. $ 


Although the formal proofs of Examples 1.2 and 1.3 are different proofs, the 
fact that they can both be obtained from the above table by making 
substitutions for 0 and x brings out the fact that they both have the same 
logical form. The advantage of the above table is that it enables us to 
concentrate on what is essential, namely that the formulas in the proof are 
built up from the subformulas @ and y using connectives in the way shown. 
The internal structure of 0 and y is not relevant here, and it helps not to 


show it. 
We call such a table a schematic proof. Whatever formulas are substituted In propositional logic, which was 
for the Greek letters, it becomes a valid formal proof. mentioned at the end of 
Subsection 3.1 of Unit 4, schematic 
We now give some more examples of schematic proofs. proofs are isolated for study by 
themselves. 
Example 1.4 
t A) Y Ass 
2 2) ab Ass 
TAP EN E E, Taut, 1,2 
1 (4) (“~-9) CP,3 


This shows that whatever formulas we substitute for ¢ and 7, the resulting 
formula (7) — ¢) may be derived from the assumption 7. 


The use of the Tautology Rule on line 3 is justified because the formula 
((Y & aw) — ¢) is always a tautology, as you may readily check. The 
assumptions in force on line 3 include =~% and hence, by using the 
Conditional Proof Rule, we can introduce the formula (=~ — ¢) on line 4; 
the assumptions in force on this line are those in force on line 3 other than 


Y. + 


13 


Example 1.5 


Id Ass 
2 (2), Y Ass 
1,2 (3) (¢&y) Taut, 1,2 
1 (4) Y~>(¢&y)) CP,3 
(5) ($> (b> (e&y))) CP,4 


The use of the Tautology Rule on line 3 is justified because 

((ġ & Y) — (¢& y)) is always a tautology. On line 4 we have used the 
Conditional Proof Rule to drop w from the list of assumptions in force, and 
on line 5 we have used it to drop ¢ from the list of assumptions. Thus we 
end up with a schematic proof which shows that, for all formulas ¢ and 4, 
there is a formal proof of the formula (¢ — (Y —> (¢ & ~))) which depends 
on no assumptions. 


Example 1.5 provides an example of a common use of the Conditional Proof 
Rule. Suppose we wish to derive an implication of the form (0 — x) from a 
given set of assumptions. We add the formula @ to the list of assumptions, 
and then we aim to find a proof of x from this augmented list of 
assumptions. If we succeed in this, we can then use the Conditional Proof 
Rule to derive (0 — x) from the remaining assumptions. In Example 1.5 we 
used this strategy twice. To prove (¢ > (Y — (@ & y))) from no 
assumptions, we first made the assumption ¢ with the aim of deriving 

(y — (@& w)). Then we used the same strategy to derive (Y — (¢& w)): we 
added w to the list of assumptions and then aimed to derive (¢ & 7). It was 
straightforward to achieve this latter aim, as we did on line 3, using the 
Tautology Rule. We then used the Conditional Proof Rule twice to complete 
the task of deriving (¢ — (Y — (¢ & y))) from no assumptions. 


Problem 1.1 


The following schematic proofs are incomplete because the assumption 
numbers on the left-hand side of each line are missing. 


(i) Fill in these missing assumption numbers. 


(ii) Where the Tautology Rule has been applied, state which tautology has 


been used. 
(a) (1) y Ass 
(2) @ Ass 
(3) (¢V¥) Taut, 1 
(4) (¢&y) Taut, 1,2 
(5) ((¢V¥)& ($ & yp)) Taut, 3, 4 
(6) (PV (($ Vy) & (p&yp))) CP,5 
(b) (1) (@V x) Ass 
(2am =i Ass 
(3) @ Taut, 1,2 
(4) 4 Ass 
(5) (ġ& y) Taut, 3,4 
(6) (-x>(@&¥))  CP,5 
(7) (xvV(@&y)) Taut, 6 
(8) (b> (xv (o&d))) CP,7 
14 


Problem 1.2 


(a) Give a schematic proof to show that for all formulas ¢, and 7 there is a 
formal proof of the formula —(¢ — 7) from the assumptions ¢ and ~. 


(b) Show how your schematic proof of part (a) may be extended to give a 
schematic proof of 


($ > 4 > 7(¢ > ¥))) 


depending on no assumptions. 


Problem 1.3 


Give schematic proofs to show that for all formulas ¢ and ~ there is a formal 
proof of each of the following formulas depending on no assumptions. 


(a) ($ > ((¢> 4) > 4)) 
(b) (“4 => =4) > ((-¢ > Y) > ¢)) 


You have now seen three rules of proof: the Assumption Rule, the Tautology 

Rule and the Conditional Proof Rule. Before we go on to look at further 

rules in Sections 2 and 3, it is worth pausing to reflect on the Tautology 

Rule. This rule is based on the idea of tautological consequence. However, 

since the aim of our rules is to provide logically valid proofs, a concept based 

on the idea of logical consequence, would it not be better to replace the 

Tautology Rule with one based on this concept? So, suppose that, in 

Definition 1.2, we were to replace ‘tautological consequence’ by ‘logical 

consequence’. The amended rule would still meet our requirement for logical 

validity. However, it would not meet our requirement for machine 

checkability. This is because the notion of logical consequence refers to all 

possible interpretations of our formal language, and there might be infinitely 

many of these. For this reason alone, you might find it plausible that such a 

rule would not be machine-checkable. In fact it is not even 

machine-checkable when applied solely to the standard interpretation , the A proof that logical consequence is, 
cause of which failure is the inclusion of the infinite set N in ~. Thus we in general, not machine-checkable 
must settle for the Tautology Rule as given in Definition 1.2, which we have Will be given in Unit 8. 

seen is machine-checkable. 


It may now surprise you, having seen that logical validity is linked via 
logical consequence to all possible interpretations of our formal language, 
that, by adding just a few more rules, we can obtain a machine-checkable 
formal system adequate to provide a formal proof of 7 from assumptions 
$1, 2,---,, Whenever ~ is a logical consequence of these formulas. But 
such rules do exist and we begin describing them in the next section. 


15 


2 QUANTIFIER LOGIC: THE 
UNIVERSAL QUANTIFIER 


In this section and the next we shall describe the rules of proof that we use 
to handle the quantifiers. We shall deal in this section with the universal 
quantifier V, and in the next section with the existential quantifier 3. We 
shall start this section with an important technical discussion about 
variables in formulas. 


2.1 Free and bound variables 


In this subsection we shall discuss a distinction between two different roles 
that variables can play in formulas. The distinction we make is not difficult 
to understand in general terms, as it corresponds to different ways in which 
variables are used in everyday mathematics. However, for our purposes, a 
general idea of the distinction is not quite good enough. We shall need to 
look in detail at the syntax of formulas so that we have an algorithmic 
method for making the distinction which concerns us. 


We have already alluded to this distinction in Unit 4. At the end of 
Subsection 3.2 we considered the following three formulas 


(a) 3a (2-2) = 0" 
(b) Wy3e(e-2) =y 
(c) 3z (x-1) =y 


and we asked whether or not they are true in the standard interpretation ⁄/. 
We remarked that formula (a) is true and formula (b) is false, but we cannot 
say whether or not formula (c) is true unless we know which element of the 
domain the variable y is interpreted as referring to. This distinction between 
the role of the variable y in formula (c) and that of the other variables arises 
from the syntax of these formulas. It has nothing to do with the properties 
of M. It arises in any interpretation. For example, in the interpretation 
whose domain is the set R of real numbers, and with the standard 
operations of addition and multiplication on this set, formula (c) is true if 
and only if the variable y is interpreted as referring to an element of R which 
has a square root in R, that is, to a non-negative real number. 


In formula (a) the variable x is associated with an existential quantifier. Its 
role is to express the existence of a solution of the equation 


(x 4 x) = Tiida 


In any given interpretation the term 0%” will be interpreted as referring to a 
specific element of the domain. Either this equation has a solution for this 
interpretation of 0” or not. In the former case the formula (a) is true in the 
given interpretation and in the latter case it is false. 


Similarly, in formula (b) both the variables x and y are associated with 
quantifiers. The variable y is associated with a universal quantifier and so its 
role is to express the fact that, in a given interpretation, there exists a 
solution x to the equation 


(w@-a)=y 


whichever element of the domain the variable y is taken as referring to. For 
each specific interpretation this fact will be either true or false, and 
correspondingly formula (b) will be true or false. 


In contrast, the variable y is not associated with a quantifier in formula (c), 
so it neither expresses universality nor existence. In order to determine 
whether this formula is true in a given interpretation we need to know to 


16 


Plainly a major requirement of our 
rules of proof is that they should 
handle quantifiers. Hence we shall 
sometimes refer to the proof 
system developed in this unit and 
in Unit 6 as quantifier logic. 


which element of the domain it refers. Note that this situation does not arise 
for the variable x in this formula, as it is associated with an existential 
quantifier. 


We now show how we can make precise this distinction between the two 
sorts of roles that variables can play. Variables that are associated with 
quantifiers are called bound variables and those that are not are called free 
variables. As we shall see, free variables are so called because, in a sense to 
be made more precise later, we are free to substitute values for them. 


A key point to note is that the same variable will often occur more than 
once in a formula, and in such cases some of these occurrences will be 
associated with quantifiers and some not. For example in the formula 


(Va dyy = 2! & Sr (xz-x) =y) 


the variable y occurs three times. The first two occurrences are associated 
with the existential quantifier and are bound occurrences, but the third is 
not associated with any quantifier and is thus a free occurrence. 


We see from this example that the distinction we need to make is between 
free and bound occurrences of variables in formulas. We do this by thinking 
about the formation rules for formulas. You will recall that formulas are 
built up from atomic formulas using the connectives and quantifiers. In an 
atomic formula all occurrences of variables are free occurrences. The status 
of the variables does not change when we introduce connectives. The free 
occurrences of variables in 4, (¢ & Y), (6V 4), ($ > Y) and (¢ = Vv) 
correspond to the free occurrences in ġ and a, and likewise for the bound 
occurrences. It is the introduction of quantifiers that binds variables. Thus 
in the formulas Vv ¢ and Jv ¢, all occurrences of the variable v are bound 
occurrences. 


Thus if we trace how a formula is built up from atomic formulas as we did in 
Unit 4, we can work out which occurrences are free and which are bound. 


To illustrate this, let us consider the usual analysis of the formula 
((y = OV Jyzz = (yt+y)) > Yz 31 (y + 2) =z) 


It is as follows: 


(2.1) 


((y=OV Jyt = (y +y)) > Yz dz (y + z) =z) 


y=0 Jys = (y + y) Az (y +2) =z 
[© [© 
z= (y +y) (y+a) =z 


We can look at this diagram in two ways. Reading from top to bottom, it 
shows how the original formula can be broken down into components. On 
the other hand, reading from bottom to top, it shows how this formula is 
built up from atomic formulas. To distinguish the free and bound 
occurrences of variables we look at this diagram in this second way. We have 
labelled the stages at which quantifiers are introduced. Each introduction of 
a quantifier leads to all the occurrences of the relevant variable being bound 
in the resulting formula, and these occurrences remain bound as we continue 
upwards, and hence are bound occurrences in the original formula at the top 
of the diagram. We have underlined all the bound occurrences of variables 
from the stage where they first get bound. 


As we comment at the end of this 
subsection, an analogous 
distinction occurs in everyday 
mathematics, where variables 
associated with the analogue of 
quantifiers are often called dummy 
variables. 


See Unit 4, Subsection 2.1. 


The underlining indicates bound 
occurrences of variables. 


Formula (2.1) provides another 
example of the same variable 
having both free and bound 
occurrences in a formula. For 
example, reading from left to right, 
the first and last occurrences of the 
variable y are free occurrences, and 
the other three occurrences of y are 
bound occurrences. 


Note that whenever we introduce a 
quantifier, the occurrence of the 
variable immediately following the 
quantifier counts as a bound 
occurrence. That is why in the 
example above we have Jz, Jy and 
Vz with the variables underlined. 


17 


Clearly the underlining process we have carried out here is purely 
mechanical, and hence it provides us with an algorithm for deciding whether 
or not a given occurrence of a variable in a formula is free or bound. 


Example 2.1 
Va dyVz((e+y) =zV(e@=O0Vy=2z)) 


The analysis is as follows: 


Vz((e+y) =zV(r#=O0Vy=2)) 


© 


(@+y) =zV (z =0Vy=2)) 


oe 


(z+y)=z (z=0Vy=z2) 


Pe 


AAEN y=z 


Thus all the occurrences of x, y and z in the formula are bound. If you 
noticed that the formula has the form Va 3y Vz@ you could have drawn this 
conclusion without the need for the above analysis. 4 


Example 2.2 
(a) (Gy (y -y) =x & 3t (z +t) =y) 
(b) Jy ((y-y) =r&3t(x+t)=y 


Here are the analyses 


(a)  (Gyly-y)=r&It(z+t)=y) 


) 


(b)  JXy((y-y)=xr& t(x +t)= y) 


[9 


(yy) =a & At (a@+t) =y) 


18 


The examples show how important bracketing can be. In (a) the first three 
occurrences of y are bound, whereas the fourth occurrence is free. In (b) all 
the occurrences of y are bound. In (a) and (b) both occurrences of x are 
free, and both occurrences of t are bound. +$ 


After some practice, it should be possible for you to distinguish between free 
and bound occurrences of variables without the need to write down the 
analysis of the formula. 


In Example 2.1, there are no free occurrences of variables. Formulas with 
this property are called sentences. 


Definition 2.1 Sentence 


A sentence is a formula in which there are no free occurrences of 
variables. 


Thus a sentence is a formula in which all occurrences of variables are bound 

occurrences. Note that there are some formulas in which there are no 

variables at all. One example is ~ 0” = 0’”. Such formulas count as 

sentences. In any given interpretation, a particular sentence is either true or To avoid complications with free 
false — there is no extra complication of having to specify values in the variables, it is customary to express 


domain for any free variables. axioms for number theory, which 
we shall do in Unit 6, as sentences. 


We end this subsection with some remarks about free and bound variables in 
everyday mathematics. In this context formulas are usually expressions 
which can take numerical values. Here are some examples. 


: ý tee x as 2" 
(a) f Tade — (b) f d () 2 Opa 


Expression (a) has a definite numerical value, whereas in (b) the value 
depends on the value of the free variable a. However, in (a) and (b) it does 
not make sense to ask for the value of x; its role is to show which function 
we are integrating. We could replace x in (a) or (b) by another variable 
without changing the meaning. So, for example, 


1 1 
j x? dx = | t? dt. 
0 0 


In logic we call such a variable a bound variable; in everyday mathematics it 
is more usual to call it a dummy variable. Likewise, in (c) and (d), n is a 
bound or dummy variable, whereas in (d) = is free. 


Problem 2.1 


In the following formulas, determine which occurrences of variables are free 
and which are bound. State which of the formulas are sentences. 


19 


2.2 The Universal Quantifier Elimination Rule 


Now that we have dealt with the distinction between free and bound 
occurrences of variables, we are in a position to begin describing the formal 
rules of proof for the quantifiers. We start with the universal quantifier V. 
We have two rules of proof associated with this symbol, one for eliminating 
it from a formula and the other for introducing it into one. We consider the 
elimination rule first. 


Our method for devising the quantifier rules will be to look at how 
quantifiers are handled in informal mathematical arguments, and to mirror 
this in our formal rules. So we begin by looking at some examples. Consider 
the following simple argument from elementary number theory. 


From the identity x? — 1 = (x — 1)(x + 1), it follows that 
7? — 1 = (7 — 1)(7 + 1) and so is divisible by 8. 


At first sight no universal quantifier is present; but it must be remembered 
that in informal mathematics the symbol V is not often used, other methods 
being used to indicate that statements are universally true. In the example 
above, the word ‘identity’ has been used to indicate that the equation is true 
for all values (in the relevant domain — here, the natural numbers) of the 
variable x. So the deduction in this passage, expressed slightly more 
formally, is as follows. 


From 

Vax? —1= (2 —1)(4 +1) (2.2) 
we deduce that 

7 —1=(7-1)(7+1) (2.3) 


We can see that, in going from (2.2) to (2.3), the universal quantifier Y and 
the variable x following it have been eliminated, and all the remaining 
occurrences of x have been replaced by occurrences of the symbol 7; the 
variable which expressed generality in (2.2) has been replaced in (2.3) by the 
symbol for a particular number. 


We are not obliged to replace the variable by a numeral; it could be replaced 
by a more complicated expression. For example, in an argument in 
trigonometry, where the range of values taken by the variables would be the 
set of real numbers, we might want to deduce from (2.2) that 


(sint)? — 1 = (sint — 1)(sint + 1). (2.4) 


So this time x has been replaced by sint, and it is easy to imagine situations 
where we would want to substitute even more complicated expressions for x. 
In general, the sort of expressions we might want to substitute for x will be 
those that can stand for elements of the domain of the interpretation 
(usually numbers). Recall that, in Unit 4, we called these expressions terms. 
So the rule we are looking for will be one which allows us to drop a universal 
quantifier and the variable which follows it from the beginning of a formula, 
and to replace all the remaining occurrences of the variable, which are now 
free occurrences, by a given term. In order to be able to state this rule 
succinctly, it is convenient to introduce some notation. 


Definition 2.2 


If ¢ is a formula, v is a variable and 7 is a term, then ¢(7/v) is the 
result of substituting the term 7 for each free occurrence of v in @. 


It should not be difficult to convince yourself that if ¢ is a formula then so is 


(7/0). 


20 


You can think of ¢(7/v) as 
meaning ‘¢ with 7 replacing all the 
free occurrences of v’. 


Example 2.3 
(a) Let ¢ be the formula 


dyy = (x + 2) 
Both occurrences of x in @ are free occurrences and so ¢(0/z) is the 
formula 

ayy = (0 + 0) 


and $((# + z)/x) is the formula 
Jyy = ((@+z) + (w+ z)) 
(b) Let @ be the formula 
(Vz(y-z) = y > Vy(y- z) =y) 


Here the first two occurrences of the variable y are free occurrences, but 
the remaining occurrences are all bound. Hence the formula ¢(0’/y) is 


(vz (0'- z2) =0' > Yy (y -2) =y) 
For a similar reason ¢(0’/z) is 


(Vz(y+z) =y > Yy (y= 0’) =y) ¢ 


Problem 2.2 


In each of the following cases, where you are given a formula ¢, a term 7 and 
a variable v, write down the formula ¢(7/v). 

(a) dis dy (y - y) = (x - (£x + y)), Tis (2” +0), v is z. 

(b) dis (3z (x - x) = y & x = (z + y)), Tis 0’, v is z. 
Gonsar e) =y& r = (z+ y)), Tis 0’, vis z. 
( )=y& r= (z +y)), Tis 0’, v is y. 
(e) dis Jyy = (x + z7), Tis y’, v is z. 
(f) dis Jz (z + x) = 
(g) gis Jz (z + x) = 


AE a E O EA 


n 


zam) T isz 0i: 


In terms of the notation we have just introduced, the formal rule we are 
aiming at should tell us that from a formula Vv ¢ we can derive ¢(7/v), 
where 7 is some term. 


Before we state this rule we need first to check that it meets our 
requirements of logical validity and machine checkability. Since we have an 
algorithm to decide which occurrences of variables in a formula are free 
occurrences, it is easily seen that the second requirement is met. 


At first sight, everything also seems to be in order with the requirement of 
logical validity. If the formula Vv ¢ is true in some interpretation, then every 
element of the domain must have the property expressed by the formula ¢. 
In particular, the element corresponding to term 7 has this property, and so 
it would seem that the formula ¢(7/v) must also be true. This is almost 
correct, but it overlooks a technical complication which we now explain. 


When we were discussing the difference between free and bound occurrences 
of variables, we said that the truth of the formula depends on the 
interpretation of the free variables, and in this sense expresses properties of 
these variables. The bound variables are just ‘dummies’ whose role is, for 
example, to express generality. The deduction of ¢(7/v) from Vu ġ will be 
valid only if ¢(7/v) says the same thing about 7 as ¢ says about v. Things 
will go wrong if there are variables in tT which become bound when we 
substitute 7 for the free occurrences of v in ¢. 


21 


For example, let ¢ be the formula Jy y = (x + x), so that Va ¢ is the formula 


Va dy y = (x + x) (2.5) 
and let 7 be the term y’, so that ¢(7/z) is the formula i 
ayy = (y' +y’) (2.6) 


Formula (2.5) is true in the standard interpretation ./: it says that, for each 
natural number, there is another natural number which is twice the original 
number. However, formula (2.6) is false in ./: it asserts that there is a 
natural number y such that y = (y + 1) + (y+ 1), which is clearly not true. 
Since there is an interpretation which makes (2.5) true but (2.6) false, we 
cannot validly deduce (2.6) from (2.5). The reason that something has gone 
wrong is that the term 7 contains the variable y, and these occurrences of y 
become bound when we substitute 7 for x in @. 


To avoid this sort of problem and ensure that the inference of ¢(7/v) from 
Vu @ is logically valid, we shall require that no occurrences of variables in 7 
become bound when we substitute 7 for free occurrences of v in ¢. It is 
convenient to have a shorthand expression for this condition, so we make the 
following definition. 


Definition 2.3 Free substitution 


We say that the term 7 may be freely substituted for the variable v in 
the formula ¢ if no occurrences of variables in r become bound when 
we substitute 7 for free occurrences of v in @. 


Example 2.4 
(a) Let ¢ be the formula 


Jy (y+ y) = (x - (x +y)) 


and let 7 be the term (z” + 0). The only variable in 7 is z and, since 
there are no quantifiers involving z in @¢, neither of the occurrences of z 
in ¢(7/x) is bound. So 7 may be freely substituted for x in ¢. 


Let ġ be the formula 
dz (z+y) = (e+ (z+y)) 


and let 7 be the term (z” + 0). The term 7 may not be freely 
substituted for x in @ since the variable z occurring in T becomes bound 
in ¢(7/x), which is the formula 


dz (z - y) = ((z” +0)-(z+y)) 
(c) Let ¢ be the formula 
(c=0 V Iry) 


e 
~~ 


and let T be the term (x + y). Only the first occurrence of x in ¢ is a 
free occurrence and hence ¢(7/2) is the formula 


((a+y) =0' V dry =2’) 


We see that both the variables x and y which occur in 7 gives rise to free 
occurrences of these variables in ¢(7/x). Thus 7 may be freely 
substituted for x in ¢. 


However, r may not be freely substituted for y in ¢, since the formula 
$(T/y) is 
(2 = 0 Vda (x+y) =2’) 


and the occurrence of the variable x in the term (a + y) becomes bound 


in $(7/y). + 


22 


Problem 2.3 


In which of the following cases may the term 7 be freely substituted for the 
variable v in the formula ¢? 


(a) gis (dAzz=y! &3t(t-t)=z2 
(b) gis dz(z=y' &At(t-t) = 2), ris (z”-y), vis z. 

(c) dis (Vadza = (z + z) > 3t (t + t) = (y+2z)), Tis (y + z), v is y. 
( 

( 


TIENE cy) U IE 


ji 
i 


d) gis Vz Jy ((y +y) = z V (y +y’) = z), Tis (y + 2), v is y. 
e) dis Vy (ar (x + x) = y > y = (x' + z)), Tis z, v is z. 


We can now state our formal rule for the elimination of the universal 
quantifier. 


Definition 2.4 Universal Quantifier Elimination Rule (UE) 


If the formula Vv ¢ occurs on a line in a formal proof and 7 is a term 
which may be freely substituted for the variable v in ¢, then on any 
subsequent line we may introduce the formula ¢(7/v), which will 
depend on the same assumptions as does Vv ¢. 


With the specified condition on the term 7, the rule can be shown to be 
logically valid. Any algorithm to check which occurrences of a variable v are 
free can be extended to check whether a term 7 may be freely substituted for 
these occurrences. So our requirements for logical validity and machine 
checkability are met. 


Example 2.5 


We cannot give any very interesting examples of the use of the Universal 
Quantifier Elimination Rule until we have some other rules for quantifiers at 
our disposal. Meanwhile, here is a simple example of a formal proof which 
uses this rule twice. 

1 (1) VaVy(a+y) =(y+z2) Ass 

1 (2) Wy((e+2)+y)=(y+(e+2)) UE,1 

1 (3) ((¢+2)+2) =(2+(z2+2)) UE, 2 
If we call the formula on line 1 Vx ¢, so that ¢ is the formula 
Vy (x + y) = (y + zx), then the formula on line 2 is 6((z + x)/x). The use of 
the the UE Rule in going from line 1 to line 2 is legitimate as the term 
(z + x) may be freely substituted for x in ¢. If now we call the formula on 
line 2 Vy y, so that is the formula ((z + x) + y) = (y + (z + x)), then the 
formula on line 3 is ~(a/y). Again, the use of the UE Rule is legitimate, 
since the term x may be freely substituted for y in =. Indeed, as there are 
no quantifiers in Y, any term may be freely substituted for y in %. $ 


Problem 2.4 
Show that the formula 

(0’ a 0”) = (05 fe 0’) 
can be derived from the assumption 


Va Vy (z +y) = (y + x) 


Problem 2.5 


Is it the case that, for any term 7, the formula Jy ~r = y is a logical 
consequence of the formula Vx dy =x = y? 


23 


The last problem is a reminder of why we need to be careful about the 
details of substituting a term for a variable within a formula. We shall need 
to be similarly careful with several of our remaining rules. 


2.3 The Universal Quantifier Introduction Rule 


To find the appropriate rule for introducing universal quantifiers into formal 
proofs, we need to consider how universal statements, that is, statements or 
formulas of the form Vu ¢, are proved in mathematics. 


Consider, for example, the proof of the following theorem about groups. 


Theorem 
Let G be a group. Then for all g, h in G, 
(gh)! = h-¥g"?. (2.7) 


Proof 
Take g, h in G. Then 


(h-1g~1)(gh) =h-*(g"*g)h = heh =h 'h=e, 
where e is the identity element of G. 
Thus h~'g~! is the inverse of gh, that is, 

(gh) =h g~. (2.8) 
This completes the proof. z 


This proof establishes the universal statement (2.7) about all elements of the 
group G. We proved it by taking two elements g and h of G and showing 
that they satisfy formula (2.8). Why does this enable us to claim that we 
have thereby proved the universal statement (2.7) and hence that we have 
completed the proof of the theorem? The reason is that in deriving (2.8) we 
made no special assumptions about g and h. We used several properties of 
groups (without mentioning them explicitly) such as the associative 
property, but all we assumed about g and h was that they were elements of 
G. That is why the universal statement (2.7) follows from (2.8). 


We see from this that the standard method for proving a universal formula 
such as Wv ¢ is to prove ¢ without making any special assumptions about v. 
It then follows that ¢ is true for every v being considered, that is, Vu ¢ is 
true. We saw earlier that a formula tells us something about a variable v 
only when v occurs freely in the formula. Thus, a derivation of @ which 
makes no special assumptions about v corresponds to a formal proof of ¢ 
from assumption formulas which contain no free occurrences of v. This leads 
us to the following rule. 


Definition 2.5 Universal Quantifier Introduction Rule (UI) 


If the formula ¢ occurs on a line of a formal proof and the variable v 
has no free occurrences in any of the assumptions in force on that line, 
then on any subsequent line we may introduce the formula Vv ¢, which 
will depend on the same assumptions as does @. 


With the restriction that the assumptions contain no free occurrences of v, 
the rule can be shown to be logically valid. As with the Universal Quantifier 
Elimination Rule, it is easy to see that this rule is machine-checkable. 


24 


Note that, in more advanced books 
on logic, the term universal 

formula is used to mean something 
stronger than one of the form Wv ¢. 


Don’t worry if you are not familiar 
with group theory; the 
mathematical details of the proof 
are not important for our purposes. 


Example 2.6 


The following formal proof is typical in the sense that we make several 
applications of the Universal Quantifier Elimination Rule before we are ready 
to apply the the Universal Quantifier Introduction Rule. In this example, 
each time we apply the UE Rule, the term 7 is just the variable x itself. 


1 (1) VaVyVz(a+(y+z))=((c+y)+z) Ass 
1 (2) WyWz(e+(y+z)) =((e©+y) +2) UE,1 


1 (3) Vz(a+(a+z)) =((a+2)+2) UE, 2 
1 (4) (@+(@+2)) = ((@+2) +2) UE, 3 
1 (5) Va(a+(e+2)) =((c+2)+2) UI, 4 


To see whether the use of the UI Rule on line 5 is legitimate, we need to 
look at the line from which line 5 has been derived. The annotation to the 
right of this line tells us that is has been derived from line 4 using the 

UI Rule. For this use to be legitimate, the variable x must have no free 
occurrences in any of the assumptions on which line 4 depends. The only 
assumption in force on line 4 is the formula on line 1. We see that x has no 
free occurrences in this formula. So the use of the UI Rule on line 5 is 
legitimate. The UI Rule then tells us that line 5 depends on exactly the 
same assumptions as does line 4. 4 


Problem 2.6 
Show that the formula 


Va ((a + x) +a) = ((x - x) + (x- z)) 
can be derived from the assumption 


Va Vy Vz ((x + y) +z) = ((x+ 2) + (y+ 2)) 


Example 2.7 
We shall show that the formula 


Vy Va (z +y) =(y+2) 
can be derived from the assumption 


Yz Vy (a +y) = (y + 7) 


(1) VaeVy(x+y)=(y+a) Ass 
(2) Yy (x +y) =(y+2) UE, 1 
(3) (x+y) =(y+2) UE, 2 
(4) Va(zr+y)=(yt+z)  UL,3 
(5) VyVa(e+y)=(y+x) UL4 


On line 4 we use the UI Rule to add the prefix Vx to the formula on line 3. 
To see whether this is a legitimate use of the UI Rule, we must check that 
the variable x does not occur freely in any of the assumptions on which 

line 3 depends. Similarly, to see whether the use of the UI Rule on line 5 is 
legitimate, we must check that the variable y does not occur freely in any of 
the assumptions on which line 4 depends. Both line 3 and line 4 depend on 
the formula on line 1 as an assumption. The formula on line 1 is a sentence, 
that is, it contains no free occurrences of variables. Hence both uses of the 
UI Rule in this proof are legitimate. 4 


ne Oa ee 


25 


On line 2 of the formal proofs in both Examples 2.6 and 2.7, we have used a 
particularly simple case of the UE Rule. In each case the term 7 is the same 
as the variable v it replaces, so ¢(7/v) is ọ(v/v); and, clearly, ¢(v/v) is 
identical to ¢. So this simple case of the UE Rule can be stated as: 


from Vu ġ we can derive ¢, which will depend on the same assumptions 
as does Vu . 


Since v can certainly be freely substituted for v in @, this is always a 
legitimate use of the UE Rule. 


It is convenient at this stage to introduce the following notation. 


Definition 2.6 
We write 
$1, Paasi Ok e p 
to indicate that the formula ~ can be derived from assumptions 
included among the formulas ¢,, ¢9,..., Py. 
Thus, if ¢,,¢5,...,¢, and ~ are formulas, we may write 
$1, Oars x Fy 
if there is a formal proof on whose last line is the formula w and the 
assumptions in force on that line are included among ¢,, ¢9,...,@,. In 
particular, we may write 
ry 


if there is a formal proof of the formula ~ depending on no assumptions. 
The symbol F is often called the turnstile symbol. 


In terms of this new notation we can say that the formal proof of 
Example 2.7 shows that 


VaVy (x+y) = (y + z) F Yy Yz (x + y) = (y + z) 


It is not difficult to see that this is a particular instance of the fact that, for 
every formula ¢ and all variables u and v, 


VuVu dt Wuv Yu o 


Example 2.8 
For all formulas ¢ and 4%, 


Vu o, Vu ($ > Y) F Wwy 


Note first that, because here we have made a general claim about the 
existence of a formal proof whatever the formulas ¢ and, w are, we shall 
need to justify it by giving a schematic proof as described in Subsection 1.2. 
We seek a schematic proof in which Wv ~w occurs on the last line and the 
assumptions in force on that line are Vu ¢ and Vu (ġ — Y). Thus our first 
move will be to introduce these two formulas as assumptions. 


26 


The turnstile symbol was 
introduced into logic by Frege. It is 
not a symbol of our formal 
language. 


We are aiming to derive the conclusion Vu Y% and we know that if we can 
derive 4% then, under the right conditions, we can derive Voy by the UI Rule. 
Having introduced Vu ¢ and Vu (¢ — y) as assumptions, it is natural to use 
the UE Rule to derive ¢ and (¢ — w) from these assumptions. In fact, we 
can use the special case of the UE Rule mentioned immediately after 
Example 2.7. The gap we then have to fill is to go from ¢, (¢ — w) to the 
desired conclusion 7. But we have seen that the formula 

((¢& ($ > y)) — 4%) is a tautology. Thus we can derive Y from ¢, (¢ > 4) 
by the Tautology Rule. Let us see if we can carry out this plan. 


1 (1) Wo Ass 

2 (2) W(¢—>W) Ass 

1 (3) ¢ UE, 1 

2 (4) (>Y) UB2 
1,2 (5) » Taut, 3,4 
1,2 (6) Ww UI, 5 


The use of the UI Rule is legitimate since the variable v does not have any 
free occurrences in either of the assumptions on which line 5 depends, 
namely the formulas on lines 1 and 2. + 


There are no infallible rules for finding formal proofs, but it is often possible 
to formulate a plan, as in the preamble to the schematic proof in 
Example 2.8. The next example involves another helpful tip. 


Example 2.9 
For all formulas ¢ and W, 


Wo ($ > 4) F (Wud = Wwy) 


Since we wish to show that we can derive the formula (Vu ¢ — Wv w) from 
the assumption Vu (@ — w), we introduce this latter formula as an 
assumption on the first line. We then think about how we might derive the 
conclusion (Yv ¢ > Vu Y). If we can derive Vv% from assumptions which 
include Wv ¢ then, by using the Conditional Proof Rule, we are able to derive 
(Vv ġ + Wv y) from the remaining assumptions. So we introduce Vu ¢ as a 
second assumption. We are now aiming to derive Vu. This puts us in 
exactly the same situation as in Example 2.8 and hence we use the same 
method as in that example. We thus arrive at the following formal proof. 


1 (1) Ww(ọ—> y) Ass 

2 (2) Wd Ass 

13) @-¥) UE 

2 (4) g UE, 2 
120). sap Taut, 3, 4 
1,2 (6) Ww UI,5 

1 (7) (VWud—Vuy) CP,6 


You will note that, except for a change in the order, the first six lines are 
exactly the same as those of the schematic proof of Example 2.8. Then a use 
of the Conditional Proof Rule gives us the formula (Vu ¢@ — Vu w) at which 
we are aiming. + 


In Example 2.9 we have used the following standard technique. If we want 
to derive an implication, say (0 — x), from a certain set of assumptions, 
then we add @ to these assumptions. We then try to derive y. If we succeed 
in doing this, then, by using the Conditional Proof Rule, we obtain a 
derivation of (0 — x) from the remaining assumptions. 


See the solution to Problem 3.7 of 
Unit 4. 


We shall summarize some 
guidelines for finding formal proofs 
in Section 1 of Unit 6, after we 
have met all the quantifier rules. 


LL. 


a  ,_ l ee ee ee 
Show that, for all formulas ¢ and Y, 


Yu (o& p) F Wud & Wy) 


In the final problem of the section we ask you to show that the UI Rule 
would not be logically valid if the condition that the variable v has no free 
occurrences in any relevant assumptions is dropped. 


Problem 2g 2 n ee n a a a a a a 
Give an example of formulas ¢ and ¢,, @2,..-, p for which ¢ is a logical 
consequence of $1, ¢,--.,,, for which the variable v occurs freely in at 


least one of the ¢; (thus disobeying the condition in the UI Rule), and such 
that Vu ¢ is not a logical consequence of ¢,,$5,-.-,¢,- Hint: Try the 
formula v = 0 for ¢. Can you think of a single formula ¢,, in which v occurs 
freely, for which this ¢, but not Vu ¢, is a logical consequence of ġ4? 


3 QUANTIFIER LOGIC: THE 
EXISTENTIAL QUANTIFIER 


In this section we shall look at the two rules for manipulating the existential 
quantifier. The first rule will tell us how to infer an existential formula, that 
is, one of the form Jv ¢. The second rule will tell us how to make inferences 
from a statement of this form. 


3.1 The Existential Quantifier Introduction Rule 


In informal mathematics the direct method for proving that there exists an 
object with a certain property is to exhibit a specific example of an object 
which has that property. Here is a simple case of such a proof. 


Theorem 


There exists a non-zero 2 x 2 matrix whose square is the zero matrix. 


Proof 

= 1 1 See 1 1 1 Py ALO) 
et A=(_} _{): Then A E z e HOr F 
Thus A is a non-zero 2 x 2 matrix with A? the zero matrix. w 


The pattern of this argument gives us our formal rule for existential 
quantifier introduction. If we have a formula ¢(7/v) which expresses the fact 
that a certain term 7 has a certain property, then we can deduce from it the 
formula Jv ¢ which expresses the fact that there is some object which has 
that property. Put the other way round, this says that to derive Jv ¢, the 
direct method is to find a term 7 such that the formula ¢(7/v), which results 
from ¢ when we substitute 7 for the free occurrences of v, may be derived. 
As with the Universal Quantifier Elimination Rule, we need to impose the 
restriction that 7 may be freely substituted for v in ¢. 


28 


Note that, in more advanced books 
on logic, the term existential 


formula is used to mean something 


stronger than one of the form Ju ¢. 


Thus we are led to the following rule. 


Definition 3.1 Existential Quantifier Introduction Rule (EI) 


If 7 is a term which may be freely substituted for the variable v in the 
formula ¢, and the formula ¢(7/v) occurs on a line of a formal proof, 
then on any subsequent line we may introduce the formula 3v ¢, which 
will depend on the same assumptions as does ¢(7/v). 


With the specified condition on the term 7, the rule can be shown to be 
logically valid. It is easy to see that the rule is machine-checkable. 


Example 3.1 
We show that 
dy 0” = (y +y) F Iz 3y z = (y +y) 


1 (1) 
£42) 


Ass 
EI, 1 


dy 0” = (y +y) 
dzdyz=(yt+y) 
If we let ¢ be the formula 3y z = (y + y), then the formula on line 1 is 
¢(0"/z) and that on line 2 is dz ¢. Since the term 0” may be freely 


substituted for z in ¢, this is a legitimate use of the EI Rule. The 
assumption in force on line 2 is the same as that on line 1. + 


Example 3.2 
We show that 


Va(x+0)=2t Vrry(rx+y)=2 


1 (1) Va(x#+0)=2 Ass 

1 (2) («+0)=2 UE, 1 
1 (3) Jy(e@+y)=2 EI,2 
1 (4) Vesty(e@+y)=2 UL,3 


Note that we cannot use the EI Rule to go directly from line 1 to line 4 since 
the EI Rule allows us to introduce an existential quantifier only at the 
beginning of a formula. So we cannot immediately insert Jy in the middle of 
the formula on line 1. 


If we let ¢ be the formula (x + y) = x, then the formula on line 2 is 6(0/y) 
and that on line 3 is dy ¢. + 


Example 3.3 
We show that 


(0+0)=0+ 3r(0+2) =0 
1 (1) (0+0)=0 Ass 
1 (2) 3ac(0+2)=0 EL1 


Here if we let ¢ be the formula (0 + x) = 0, then the formula on line 1 is 
¢(0/x) and that on line 2 is Ja ¢. + 


It is worth noting that a term 
which contains no variables may be 
freely substituted for any free 
variable in any formula. 


Note that the assumption 

(0 + 0) = 0 can be used to derive 
several different formulas (see 
Problem 3.1(c) for example). 


29 


Problenioe ee ee ee 


Show the following. 

(a) Va(a@+0)=a2b ayVae(a+y)=2 - 
(b) Va (a+ 0) = TF Yrm =2 

(c) (0+0)=0F J (y +4)=0 
( 


d) yr (E F0) =r F ILE FAT 


3.2 The Existential Hypothesis Rule 


The fourth rule of our formal system for handling the quantifiers is rather 
more subtle than the other three. By analogy with the rules for the 
universal quantifier, you might expect there to be some sort of existential 
quantifier elimination rule which would enable us to drop an initial dv from 
the beginning of a formula. But deductions of this kind would not be valid. 
From the fact that there is some object with a given property we cannot 
deduce that any object has that property. So any rule that enabled us to 
derive $(7/v) from Sv ¢ could not possibly be logically valid. 


To discover what the second existential quantifier rule should be, we need to 
consider how we make deductions from existential statements in informal 
mathematics. The example we have chosen to look at again comes from the 
theory of matrices. We shall begin by giving a simple proof, just as you 
might find in an algebra textbook. Then, in order to make the logical form 
of the argument clearer, we rewrite the proof using the logical symbols. 
Finally we shall extract from this the logical rule we are seeking. Here then 
is our theorem and proof. 


Theorem 


If the matrix A has an inverse, then det A # 0. 


Proof 


Suppose that B is the inverse of A. Then AB = I, where I is the identity 
matrix. Therefore det A x det B = det AB = det I = 1. Hence 


det A # 0. | 


Now let us symbolize ‘B is the inverse of A’ by ‘Binv A’. The theorem 
asserts that from 3B B inv A it follows that det A # 0. The proof, however, 
begins ‘Suppose that B inv A’, then, after some algebra, we reach the 
conclusion ‘Hence det A 4 0’. Thus, although the theorem asserts that 

det A Æ 0 follows from the assumption that 3B B inv A, in the proof we do 
not start from this assumption. Instead, the assumption with which we start 
the proof is Binv A. However, when we have managed to deduce from this 
that det A 4 0, we claim that the proof has been completed, that is, that we 
have in fact shown that det A 4 0 follows from the assumption 3B B inv A. 
The reason we can make this claim is that, in the course of the proof, we 
made no assumption about B other than that given by our assumption 

B inv A, and in the conclusion that we reach, that det A Æ 0, there is no 
mention of B. So this conclusion really depends only on the assumption that 
there is some matrix B which is the inverse of A, that is, the conclusion 
really depends only on the assumption that 3B Binv A, which is what the 
theorem asserts. 


30 


Recall that det A stands for the 
‘determinant of A’. 


This example is typical of the way existential hypotheses are used in 
mathematical arguments. To deduce some conclusion from the assumption 
that there is some object v which satisfies the property expressed by ¢, that 
is, from the assumption Jv ¢, we assume that v is an object which has the 
property expressed by ¢ and deduce the desired conclusion without making 
any further assumption about v. 


So the formal rule we are looking for needs to express the fact that if we can 
derive a formula 4%, in which v has no free occurrences, from the assumption 
ġ, and possibly also from other assumptions none of which contain any free 
occurrences of v, then we can also derive ~ from the assumption 3w ¢ and 
the other assumptions. Thus we are led to the following rule. 


Definition 3.2 Existential Hypothesis Rule (EH) 


Let ~ be a formula which contains no free occurrences of the variable 
v. If on a line of a formal proof we have derived w from the 
assumption @, which may contain free occurrences of v, and possibly 
from other assumptions, none of which contains free occurrences of v, 
then on any subsequent line we may introduce the formula w, which 
will depend on Jv ¢ and the other assumptions, if any. 


With the specified restriction on free occurrences of v, the rule can be shown 
to be logically valid. It is easy to see that the rule is machine-checkable. 


Example 3.4 
We show that 


r= (y +y’) F Aza = (z +2) 


1 (1) Jyz= (y'+y') Ass 

2 (2) z=(y' +y) Ass 

2- B) Azea(eez)— B2 

1 (4) r= zF) EH 3 

Because we are trying to derive Jz x = (z + z) from the assumption 

Jy x = (y’ + y’), we write down this latter formula as an assumption on 

line 1. The EH Rule tells us that one way to derive 3z £ = (z + z) from this 
assumption is to derive it from x = (y’ + y’) and then use the EH Rule. So 
we write down this formula as an assumption on line 2. We now think about 
how we could derive the desired conclusion 3z x = (z + z). The EI Rule is 
an appropriate rule to use if we want to derive a formula that begins with an 
existential quantifier. We note that if 7 is the formula x = (z + z), then 

x = (y' + y’) is the formula ~(y’/z). The EI Rule entitles us to derive 3z Y 
from ~(y'/z), and so, by using this rule on line 3, we can write the formula 
Jz x = (z + z) depending on the same assumptions as line 2. The variable y 
does not occur freely in 3z x = (z + z) and hence it is legitimate to use the 
EH Rule. Applying this to line 3, the effect is to replace the assumption 

x = (y' + y') by the assumption Jy x = (y’ + y’). In this case there are no 
other assumptions to worry about. Hence we obtain line 4, which is what we 
have been aiming at. $ 


Notice that in this example the formula which we have derived on line 4 is 
exactly the same as the formula on line 3. The difference is in the 
assumptions involved. Line 3 depends on the formula on line 2, but line 4 
has the formula on line 1 as its assumption. This is typical of the use of the 
Existential Hypothesis Rule. When we use it, its effect is only to change the 
assumption formulas which are in force. We said it was more subtle than the 
other rules! É 


31 


Notice also that, typically, in preparation for a use of this rule, we 
introduced both the formulas Jy x = (y’ + y’) and z = (y’ + y’) as 
assumptions. We didn’t make the corresponding move in the informal proof 
of the theorem with which we began this section, but we could have done 
this by beginning the proof ‘Assume that the matrix A has an inverse and 
suppose that B is the inverse of A’. Some people might say that this is 
stylistically preferably to our proof. 


Example 3.5 


We give a schematic proof to show that, for all formulas ¢ and 9, 
Wwe, Vu (¢ — 6) F wo 


Our standard first move will be to write down as assumptions the formulas 
Jw ¢, Vu (¢ > 0), as we are aiming to show that Jv 0 can be derived from 
these assumptions. The EH Rule tells us that we will achieve this if we can 
derive Ju 0 from the assumptions ¢, Vu (¢ — 0). So we next introduce ¢ as 
an assumption. Another standard technique when we have an assumption, 
as here, of the form Vu (¢ — @) is to use the UE Rule to drop the initial 
universal quantifier. Once we do this, we will have derived both ¢ and 

(¢ — 0). The Tautology Rule then enables us to derive 0, and we can then 
obtain the desired formula Jv @ by use of the EI Rule. Let us follow this 
strategy through. 


1 (1) awo Ass 

2 (2) Ww(¢— 9) Ass 

3m (Sy) > Ass 

2 (4) (670) UE? 
23 (See Taut, 3, 4 
2,3 (6) w0 EI, 5 
1,2 (7) Wwé EH, 6 


On line 6 we have derived the formula Ju 6 we are aiming at, but not from 
the required assumptions. So we use the EH Rule to change the 
assumptions, that is, the assumption ¢ is replaced by the assumption Jv ¢. 
Is this a correct use of the EH Rule? We need to check that the variable v 
has no free occurrences in the conclusion, 3v 0, nor in any of the 
assumptions, other than ¢, on which this conclusion depends. Clearly, v has 
no free occurrences in Ju 0, as this formula begins with the quantifier 3v. 
Likewise, v has no free occurrences in the only assumption, other than ¢, on 
which Jv @ depends on line (6), as this other assumption is Vv (¢ — @). So 
our use of the EH Rule on line 7 is legitimate. 


Problem 3.2 
Show that 


de (y'-y')=2' b ar(y’-y')=2 


Problem 3.3 
Show that, for all formulas ¢ and 4%, 


Ww (o& Y) E (Gv o & wy) 


Hint: Follow the strategy of Example 3.5 to derive 3v ¢ and Jv Y separately 
from (¢ & Y). Then use the Tautology Rule and the EH Rule to complete 
the proof. 


32 


We have explained why the Existential Hypothesis Rule contains the 
following two requirements: 


(a) the variable v has no free occurrences in the formula W; 
(b) the variable v has no free occurrences in any assumption, other than dQ, 
on which y depends. 


It is instructive to give examples of what can go wrong when either of these 
requirements fails to hold. We emphasize that the following are not correct 
formal proofs. 


(a) 1 (@) Savv=0' Ass 
2 (2. v= Ass 
1 (3) v=0' BA? 
4) Vouv=0" ULsS 
ey 2°) Ser =6 Ass 
2 (2) Jwi Ass 
S- (3y w= 0 Ass 
4 (4) E Ass 
3,4 (5) (v=O&v=0')  Taut,3,4 
3,4 (6) w(v=0&v=0) E5 
2,3 (7) Iv(v=O0&v=0') EH,6 
1,2 (8) av(v=O&v=0') EH,7 


The formula Jv v = 0’ is true in the standard interpretation .”% but 

Vuv = 0’ is false in this interpretation. So the formula Vu v = 0’ is not a 
logical consequence of Jv v = 0’. Hence, example (a), which purports to be a 
formal proof of Vv v = 0’ from the assumption Jv v = 0’, must have an error 
in it. Similarly, example (b) purports to be a formal proof of 

du (v = 0 & v = 0’) from the assumptions Jv v = 0 and Juv = 0’. These 
assumptions are true in .” but the conclusion is false. Thus 

Jv (v = 0 & v = 0’) is not a logical consequence of the formulas 3v v = 0, 

du v = 0’. It follows that there must be an error in the purported proof. 


Problem 3.4 


Find the errors in each of the above examples. If the Existential Hypothesis 


Rule has been used inappropriately, specify which requirement of this rule 
fails to hold. 


In contrast, the following example is a schematic proof in which the 
Existential Hypothesis Rule is used correctly. 


Warning! This is not a correct 
proof! 


Warning! This is not a correct 
proof! 


33 


Example 3.6 
We show that, for all formulas ¢, 


Jawo F dudud 


If we can derive Jv Ju ¢ from the assumption Ju ¢, then we can use the EH 
Rule to derive it from the assumption Ju Ju ¢. Likewise, we can use the EH 
Rule to derive Jv Ju ¢ from the assumption Jv ¢ if we can derive it from the 
assumption ¢. The EI Rule enables us to derive Jv du ¢ from ¢. Thus we 
arrive at the following schematic proof. 


Pe ‘Sauau¢ Ass 

Da (2) este Ass 

Shiai we, Ass 

Bol eae, EI,3 

3 (5) a WAU p ELA 

2 (6) dJvaud@ EH,5 

1 (7) waup EH,6 
Since neither of the variables u and v can have any free occurrences in the 
formula Jv Ju ¢, our uses of the EH Rule on lines 6 and 7 are correct. + 
Problem 3.5 


Show that, for all formulas ¢ and 4%, 
du (od V Y), Vu ~no F wy 


Here is an example of a schematic proof which uses each quantifier rule once. 


Example 3.7 

For each formula ¢, 
Ju Www o F Ww Juo 
1 (1) SuVv@ Ass 
2 (2) Vo Ass 
2 (3) ¢ UE, 2 
2 (4) Jud EI, 3 
2 (5) VWwdud UI,4 
1 (6) Vusu@ EH,5 


You should check that this is a correct schematic proof. In particular check 
that, when we have used the UI Rule on line 5 and the EH Rule on line 6, 
the requirements of these rules in relation to free occurrences of variables are 
satisfied. 4 


You have now met and used seven of the nine rules of proof. You may have 
found it difficult to see how to use some of these rules, particularly the 
Tautology Rule, in constructing formal proofs. To help you with this, the 
problem of finding formal proofs is discussed in Unit 6, where you will also 
be introduced to the final two rules of proof. 


34 


SUMMARY 


We began by giving a precise account of what we mean by a formal proof. 
This was based on a look at what informal proofs in everyday mathematics 
are like. We said that a formal proof must be both logically valid and 
checkable by a machine. 


We specified that a formal proof should consist of a finite sequence of 
formulas, and that each step must be justified by one of our rules of proof. 
This led us to set out a formal proof in lines, with one formula on each line. 
The lines are numbered for ease of reference, and each line is annotated on 
the right to indicate the rule of proof which has been used and, where 
appropriate, the earlier line or lines to which the rule has been applied. 


We saw that both informal and formal proofs involve drawing conclusions 
from assumptions and that it is important to keep track of which 
assumptions each line of a proof depends on. Each rule of proof includes a 
specification of which assumptions the conclusion depends on. We annotate 
proofs by listing, on the left of each line number, the numbers of the 
formulas which are used as assumptions in deriving that line. 


Having described the general structure of a formal proof, we began to 
describe the rules of proof that we use. 


The Assumption Rule is used to introduce assumptions into formal proofs. 
The main rule for handling arguments involving the connectives is the 
powerful Tautology Rule. When it comes to finding formal proofs, the use of 
this rule depends on being able to spot appropriate tautologies. The 
Conditional Proof Rule is useful when the formula we are trying to derive is 
an implication. 


We came next to the rules for handling the quantifiers. We needed to make 
an important distinction between free and bound occurrences of variables in 
formulas. We saw that, from the formation rules described in Unit 4, it is 
not difficult to obtain an algorithm for deciding which occurrences of 
variables in formulas are free and which are bound. 


Our rules for the quantifiers all involve restrictions which depend on whether 
certain variables have free occurrences in the formulas we are using. We saw 
that without these restrictions the rules would not be logically valid. We 
have two rules for each quantifier. For the universal quantifier we have both 
an Introduction and an Elimination Rule. We also have an Introduction 
Rule for the existential quantifier, but the second rule for this quantifier, the 
Existential Hypothesis Rule is rather more subtle. When we apply this rule 
to a particular line of a formal proof, the formula on the line is unchanged, 
but one of the assumptions on which it depends is changed by the prefixing 
of an existential quantifier. 


We have not yet completed listing all the rules of proof of our formal system. 
We do this in the next unit where we introduce two rules dealing with the 
identity symbol. We also address the practical problem of finding formal 
proofs, and offer some guidelines to help with this task. Unit 6 ends with a 
discussion of how we augment the formal system by adding axioms to 
describe properties of natural numbers, which is the ultimate focus of our 
attention. 


35 


OBJECTIVES 


We list those topics on which we may set assessment questions to test your 
understanding of this unit. 

After working through the unit you should be able to: 

(a) understand the meaning and use of each of the rules Ass, Taut and CP; 


(b) determine whether the occurrences of variables in formulas are free or 
bound; 


c) determine whether or not a given term may be freely substituted for a 
y 
given variable in a given formula; 


(d) understand the meaning and use of each of the rules UE, UI, EI and EH 
and why there are restrictions on the variables and terms they involve; 


(e) check a purported formal proof to see whether the uses of the seven 
rules Ass, Taut, CP, UE, UI, EI and EH are legitimate; 


(f) add the correct assumption numbers to the lines of a formal proof from 
which they are missing; 


(g) construct simple formal proofs using the rules listed in (e). 


36 


ADDITIONAL EXERCISES 


Most of these exercises provide further practice, should you feel you need it, 


in handling the main ideas in the unit on which you are likely to be assessed. 


There are a few harder problems, labelled as such in the margin. These are 
harder than any of the problems you are likely to encounter in the 
assessment and are included solely as challenges for the interested student. 


Section 1 


1 The following is a correct schematic proof from which the assumption 
numbers have been omitted. 


(1) ag Ass 

(2) ~y Ass 

(3) (mo & =) Taut, 1,2 
(4) (v4) Ass 

(5) ~o & =p) Taut, 4 
(6) (mọ & =Y) & ~me & 7)) Taut, 3, 5 
(7) (Ab (mọ & 7H) & 3(AG & -)))_ CP, 6 

(8) ~ Taut, 7 
(9) ($ Vy) > y) CP,8 


(a) What are the assumptions in force on each line? 
(b) What tautologies are being used on lines 3, 5 and 8? 


(c) Show that the formulas used to obtain lines 5 and 8 are indeed 
tautologies. 


2 Find all the mistakes in the following ‘schematic proof’; when 
investigating a particular line, find the errors on that line, if any, under 
the assumption that all the previous lines are correct. 


1 (1) EV) Taut 

1 (2) (¢&y) Taut, 1 

2 (3) @ Taut, 2 

1 (4) y Taut, 1,2 
(5) (b> (@Vy)) CP,4 

1 (6) (V4) Taut, 4,5 


3 Determine a schematic proof of 
((¢ > Y) > 4 > 79)) 


which depends on no assumptions. 


4 Prove that if ¢ is a formula which is a tautology, then there is a formal 
proof of ¢ which depends on no assumptions. Hints: Suppose ¢ is a 
tautology. Knowing nothing else about ¢, the only hope of deriving it 
would seem to be a use of the Tautology Rule. This means finding a 
formula 0 such that (0 — ¢) is a tautology, where we have previously 
derived 6. The Tautology Rule could then be used to derive ¢ 
depending on the same assumptions as 6. Since we want to derive 
from no assumptions at all, we need to find a formula 0 that can be 
derived from no assumptions. Can you find such a 0 for which (@ — ¢) 
is a tautology? 


Warning! This is not a correct 
proof! 


Harder problem 


37 


Section 2 


1 ‘For each of the following formulas, determine which occurrences of 
variables are free and which are bound. 


(a) Vy (Et (y + z) =t > 2’ = (t - z)) 
(b) viaz (Vys = y > Azz’ = (t-2)) 
(e) Waatal—t' V aye y) = 2) 
2 For each of the formulas in the preceding question, write down the 
result of substituting the term (x » t) for each free occurrence of x in the 


formula. In which of the formulas may this term be freely substituted 
for x? 


3 Show that 
VaVy(a+y) = (y + x) F Yz (x + 0) = (0 + z) 


4 Show that, for all formulas ¢ and 4, 
Wo ($ > 4) E ($ => Wy) 


provided that the variable v does not occur freely in ¢. For which 
step(s) of your argument do you need the condition that v does not 
occur freely in ¢? 


5 Show that, for all formulas ¢, w and 9, 
Vu ($ > Y), Vu (4 > 0) F Wu ($ > 0) 


Section 3 


1 Show that, for all formulas ¢ and 4%, 
W (¢ > Y) F (wo > 4) 


provided that the variable v does not occur freely in y=. For which 
step(s) of your argument do you need the condition that v does not 
occur freely in Y? 


2 The following correct schematic proof is incomplete because the 
assumption numbers are missing. Fill in these numbers. 


(1) W(@-> 4) Ass 

(2) (0—4) UE, 1 

(3) 3v0 Ass 

(4) (63 (0 ¥)) Taut, 2 
(5) 6 Ass 

(6) (0—4) Taut, 4,5 
(7) Ww(6>v) EI, 6 

(8) (0—4) EH, 7 

(9) (vð — w (0 — w)) CP,8 


38 


3 Find the mistake(s) in the following ‘schematic proof’ that, for all 
formulas ¢ and 4, 


wo, wyt du (¢ & yp) 


E- ys Mest Ass Warning! This is not a correct 
2 Q)-wy Ass prooi 
3 (3) o Ass 
4 (4) » Ass 

3,4 (5) (p&p) Taut, 3,4 

3,4 (6) dv(d&y) EI,5 

1,4 (7) w(p&y) EH,6 

1,2 (8) MOLY EH,7 

4 Show that 


Sep Olay yO 


5 The Existential Hypothesis Rule is stated as follows. 


Let ~ be a formula which contains no free occurrences of the 
variable v. If on a line of a formal proof we have derived ~ from the 
assumption ¢, which may contain free occurrences of v, and possibly 
from other assumptions, none of which contains free occurrences 

of v, then on any subsequent line we may introduce the formula v, 
which will depend on 3v ¢ and the other assumptions, if any. 


Give an example to show that the rule would not be logically valid if 
the condition that ~ contains no free occurrences of v is omitted. This 
means finding a formula 4% containing free occurrences of v, a formula ¢ 
which may contain free occurrences of v and possibly formulas 


$1,2,--+,, in which v does not occur freely such that 7 is a logical 
consequence of ¢ and $1, ¢9,...,¢,, but with w not a logical 
consequence of w ¢ and ¢,, ¢g,...,¢,- Hint: The discussion following 


Problem 3.3 should help. 


6 The Existential Quantifier Introduction Rule is stated as follows. Harder problem 


If 7 is a term which may be freely substituted for the variable v in 
the formula ¢, and the formula ¢(7/v) occurs on a line of a formal 
proof, then on any subsequent line we may introduce the formula 
dv ¢, which will depend on the same assumptions as does d(t/v). 


Give an example to show that the rule would not be logically valid if 
the condition that the term 7 may be freely substituted for the variable 
v in the formula ¢ is omitted. This means finding a formula ¢, a term 7 
not freely substitutable for v in ¢ and possibly formulas $1, aisa s Ok 
such that ¢(7/v), but not Iv ¢, is a logical consequence of $1, 02,---, Dx. 


39 


SOLUTIONS TO THE PROBLEMS 


Solution 1.1 


(a) (i) The schematic proof with the assumption numbers added is as 


follows. 
ue aly aes Ass 
2-8(2)) ad Ass 
1 (3) (EVY) Taut, 1 
1,2 (4) (&¥) Taut, 1,2 
1,2 (5) ((@¢V¥)&(o&y)) Taut, 3,4 
2 (6) (b> (($Vy)&(p&y))) CP, 5 


(ii) The tautologies which have been used are as follows. 
line 3: (Y > (dV %)) 
line 4: ((Yy & ¢)— ($ & )) 
line 5: (((@V Y) & (@& Y)) > (VY) & (KY) 


(b) (i) The schematic proof with the assumption numbers added is as 


follows. 
1 (1) (@Vx) Ass 
2552). =x Ass 
TIPE AGS ne nt Taut, 1,2 
4 (4) +% Ass 
1,2,4 (5) (@¢&y) Taut, 3,4 
1,4 (6) (“x> (¢&4)) CP,5 
1,4 (7) (xvV(¢@&y)) Taut, 6 
1 (8) (Po (xv(@&y))) CP,7 


(ii) The tautologies which have been used are as follows. 
line 3: (((¢ V x) & x) > 4) 


line 5: ((ġ & Y) — (¢& y)) 
line 7: ((nx > (¢ & ¥)) > (x V (¢& Y))) 
Solution 1.2 
(a) One possible schematic proof is as follows. 
E Ss ee Ass 
22) np Ass 
1,2 (3) ~(ġ¢— y) Taut,1,2 


(b) All that we need to do is to append to the above schematic proof two 
lines on which we use the Conditional Proof Rule, as follows. 


1 (4) (*¥--@- ¥)) CP,3 
(5) (> (~y >~ => 4))) CP,4 


40 


Solutions to the Problems 


Solution 1.3 


(a) 1 (1) @ Ass 
2 (2) (¢>y) Ass 
12, (8y ap Taut, 1,2 
1 (4) (¢>¥%)-Yy) CP,3 
(5) @-((¢-¥)—>y)) CP,4 
(b) 1 (1) (-¢->-y) Ass 
2 (2) (~= +) Ass 
12) (3) o Taut, 1,2 
1 (4) ((-¢- 4) - 4) CP,3 


~ 
On 
wn 


(Co = =4) > ((-¢ > Y) > ¢)) CP, 4 
The same strategy has been used in both parts (a) and (b). 


In part (a) we are aiming to show that we can derive the formula 

($ — ((¢ > Y) > W)) depending on no assumptions. Since this formula is 
an implication, a use of the Conditional Proof Rule suggests itself: if we can 
derive ((¢ — Y) — y) depending on the assumption ¢, then using 
Conditional Proof Rule it follows that (¢ — ((@ > Y) > W)) can be derived 
depending on no assumptions. Since ((¢ — %) — ¥) is also an implication, 
another use of the Conditional Proof Rule indicates itself: if we show that 
the formula ~ can be derived from the assumptions ¢ and (¢ > w), then by 
Conditional Proof Rule ((¢ — Y) — 4%) can be derived from the assumption 
$. We can derive y from the assumptions ¢ and (¢ — 7) in one step using 
the Tautology Rule provided that the formula 


((9 & ($ > y)) > Y) 
is a tautology. Using a truth table, it is easy to check that this is so. 


Essentially the same strategy is used in part (b). The use of the Tautology 
Rule on line 3 is correct provided that the formula 

(((4¢ = 7) & (-¢ = Y)) = 4) 
is a tautology. Again, using a truth table, it is easily checked that this is so. 


Solution 2.1 


In each case we have underlined the bound occurrences of variables. The 
given formula is a sentence if all the variables in it are underlined, that is, if 
all the occurrences of variables are bound occurrences. 


(a) YzJy ~z = y. This is a sentence. 
(b) ((2@ = y V It (x + t) = y) V 3t (y + t) = z). This is not a sentence. 
(c) (3z (z: a) = y > Yy (Iz (z - y) = £ > 732 (z - 1) = y)). This is not a 


sentence. 
(d) 3z (x = y V =z = y). This is not a sentence. Notice the effect of the different 
(e) (xz =y V~=z = y). This is not a sentence. Mane r- of the. brackets in- (d) 


41 


Solutions to the Problems 


Solution 2.2 

(a) 3y (y - y) = ((2" + 0) - ((z” +0) + y)) 

(b) Here only the final occurrence of x is a free occurrence, and hence we 
only replace this occurrence of x by 0’. Thus we obtain 


(Ar (x - z) = y & 0' = (z + y)) 


(c) Here there are no free occurrences of x and hence ¢(7/v) is the same as 
od, that is 


de ((x - x) = y & z = (z + y)) 


(d) Ix ((z-z)=0t& z = (z +0°)) 

(e) Jyy = (y' +y’) 

(f) Sx (a+r) = (TT) 

(g) Since 7 is the same as v, $(7/v) is the same as ¢, that is 


dg (z+ 2) = (z. x) 


Solution 2.3 


(a) The term (z” - y) may be freely substituted for x in the given formula ¢. 
Here ¢(7/v) is 


(Azz=y' & 3t(t-t) =(z"-y)) 


and the occurrences of the variables y and z in 7 give rise to free 
occurrences in $(7/v). 


es 
= 


The term (z” + y) may not be freely substituted for x in ¢. Here $(7/v) 
is 


az(z=y' & 3t(t-t) =z" -y)) 


where the bound occurrences of variables have been underlined. The 
variable z in T becomes bound in ¢(7/v). 


The term (y + x) may be freely substituted for y in ¢. Here ¢(7/v) is 
(V2 dza =(z+2) > It (t +t) = ((y+ 2) +2)) 


and the occurrences of x and y in 7 give rise to free occurrences of these 
variables in $(7/v). 


= 
O 
<~ 


(d) There are no free occurrences of y in ¢, so $(7/v) is identical to ġ and, 
in a vacuous way, none of the variables in r becomes bound when we 
replace the free occurrences of y in ¢ by 7. Thus 7 may be freely 
substituted for y in ¢. 


(e) The term 7 can be freely substituted for x in ġ. Since 7 is the same as z, 
¢(7/v) is the same as ¢ and no problem arises. 


Solution 2.4 
1 (1) VaeVy(e+y)=(y+2) Ass 
1 (2) Wy(0'+y)=(y+0’) UE,1 
1 (3) (0'+0”)=(0"+0’)  UE,2 


42 


Solution 2.5 


The formula Vx Jy =x = y can be regarded as being Vx ¢, where ¢ is the 
formula Jy ~z = y. The formula 3y ~r = y is then $(7/z). 


To see that the answer to the question posed is ‘no’, we need to find a 

term 7 that is not freely substitutable for x in ¢. The simplest example is to 
take 7 to be the variable y. Thanks to the Jy, this term cannot be freely 
substituted for x in Syma = y. 


With this choice for 7, we now need to show that Jy ~y = y is not a logical 
consequence of Vx Jy =x = y. This means giving an interpretation in which 
Va Jy a2 = y is true and Jy ~y = y is false. We shall take the standard 
interpretation / with domain N. In this interpretation Vx Jy a = y is true 
as for any natural number x there is always a number y to which it is not 
equal, while Jy ~y = y is false as there is no number not equal to itself. 


Solution 2.6 


1 (1) VaWyV2((e@+y)+z)=((e-z)+(y+z)) Ass 

1 (2) WyV2((e@+y)+z)=((@-z)+(y+z))  UB,1 
1 (3) Vz((e©+2)-z) =((z-z)+(z-2z)) UE, 2 
1 (4) ((@+2)-2x) = ((x-x)+(ax-2)) UE, 3 
1 (5) Va((a+a)-r) =((x-+x)+(x-2)) UI,4 


In each case where we use the UE Rule to replace a formula of the form Vu d 
by ¢(7/v), the term 7 is just the variable x itself. 


Solution 2.7 


We first derive Vu ¢ and Wv y% separately and then use the Tautology Rule to 
obtain (Vu ¢ & Vv y). In deriving W ¢, we first derive ¢ and then apply the 
UI Rule. We then use the same strategy to derive Vu w. 


1 (1) W(¢&y) Ass 

1 (2) (¢&¥) UE, 1 
LHS) ag Taut, 2 
1 (4) Wo UL3 

1 (5) » Taut, 2 
1 (6) Wwy UL,5 

1 (7) (Wud@&Vuy) Taut, 4,6 


Solution 2.8 


Let ¢ be the formula v = 0, as suggested in the hint. Let ¢, be the same 
formula, so v occurs freely in ¢,. Then trivially ¢ is a logical consequence of 
$ı. But we can show that Vv ¢ is not a logical consequence of ¢,. For 
instance, take the standard interpretation .” and give v the value 0 from 
the domain N. Then the formula v = 0 is true, but Vu v = 0 is false, as it is 
not the case that all numbers v are equal to 0. 


Solutions to the Problems 


Any interpretation with a domain 
containing at least two elements 
will do. 


Any interpretation with a domain 
containing at least two elements 
will do. 


43 


Solutions to the Problems 


Solution 3.1 


(a) If we let ¢ be the formula Vz (x + y) = x, then ¢(0/y) is Va (x + 0) = x 
and from ¢(0/y) we can derive Jy ¢. So we have the following formal 


proof. 
EO Veeies Oz, Ass 
(2) syVa(ea+y)=a2 Eni 
(b) bi Veo ==> ae 
i) @:®)=<¢ UE, 1 
T (3) ay(r u =E EI, 2 
L G4) Nearii(eea) sa TiS 
(c) 1 (1) (0+0)=0 Ass 
(2) ayyt+y)=0 El,1 
(d) 1 (1) Yelo) =r Ass 


1) 
1 (2) (0+0)=0 UE, 1 
1.8) sa (eo io EE 2 

If we let @ be the formula (x + 0) = x and ~ be the formula 

(x + x) = 2, then the formula on line 1 is Vz @ and we use the UE Rule 


to derive ¢(0/2) on line 2. But this formula is also Y(0/x) and so we 
use the EI Rule to derive 4x w on line 3. 


Solution 3.2 


1 €) 3e0'-f)S2 As 
2 (2) @-y')=2' Ass 
2 (3) lanl peo SE 
1 4) Saye) EHS 


If ¢ is the formula (y’ - y’) = x, then the formula (y’ - y’) = 2’ which appears 
on line 2 is ọ(x'/x). Hence the use of the EI Rule to derive Jx ¢ is 
legitimate. Since the variable x does not occur freely in Jx ¢, the use of the 
EH rule on line 4 is also legitimate. 


Solution 3.3 


1 (1) Av(¢@&y) Ass 

2 (2) (9&4) Ass 
2-13) Taut, 2 

2 (4) Avo EI, 3 

2 5), Y Taut, 2 

2 (6) wy EL, 5 

2 (7) (Avd&Avy) Taut, 4,6 
1 (8) (avé & ivy) EH,7 


Solution 3.4 


(a) The error occurs on line 3. The use of the EH Rule on this line is not 
valid because the variable v has a free occurrence in the formula on line 2 
to which the rule has been applied. Thus, in the terms of the discussion 
preceding the problem, requirement (a) of the EH rule does not hold. 


The error occurs on line 7. The use of the EH Rule on this line is not 
correct because the variable v occurs freely in the formula v = 0, that is, 
the formula on line 3, which is used as an assumption on both lines 6 
and 7. So requirement (b) does not hold. 


E 
x 


Note that the use of the EH Rule on line 8 is valid as the variable v 
does not occur freely in the formula on line 2, that is 3v v = 0’, which is 
used as an assumption on both lines 7 and 8. However, a single 
illegitimate use of a rule is enough to invalidate the entire formal proof. 


44 


Solution 3.5 


1 (1) Jv(¢@Vy) Ass 

2 (2) Vo Ass 

3 (3) (vy) Ass 

2 1 Sig UE, 2 
2,0. (5) Y Taut, 3, 4 
2,3 (6) wy EI, 5 
1,2 (7) wy EH, 6 


The strategy used to find this schematic proof follows ideas used in earlier 
examples. We begin by writing down as assumptions the two formulas from 
which we are aiming to derive Jv ọ%. Experience with the EH Rule tells us 
that to derive a formula from the assumption Jv (¢ V ~) it would be a good 
move to derive it from (¢ V Y). So we introduce this formula as an 
assumption on line 3. Experience also tells us that with an assumption such 
as Vu —@ it would probably be helpful to use the UE Rule to drop the 
universal quantifier, and we have done this on line 4. 


We now turn our attention to our ultimate aim of deriving the formula Jv w. 
We know that if we can derive 7 then we can obtain Ju ~ by using the EI 
Rule. So we look to see if we can derive ~ from the formulas (¢ V Y) and 7@ 
on lines 3 and 4. We can achieve this by a single use of the Tautology Rule 
provided that the formula (((¢ V Y) & ad) — Y) is a tautology. A truth 
table shows that it is a tautology and this gives us line 5. Using what should 
by now be familiar applications of the EI and EH Rules, we then get the 
desired conclusion Jv w depending on the desired assumptions on line 7. 


SOLUTIONS TO ADDITIONAL 
EXERCISES 


Section 1 
1 (a) raS Ass 
2 (2) y Ass 
1,2 (3) (=y & y) Taut, 1,2 
4 (4) (Vy) Ass 
4 (5) 7A(7nd & y) Taut, 4 
1,2,4 (6) ((-d & =) & A(Ad & =) Taut, 3,5 
1,4 (7) (4 > ((-¢ & ~y) & 3(-y & -Y))) CP,6 
1,4 (8) Y Taut, 7 
1 (9) (YV y)—> 4) CP,8 


(b) line 3: ((-¢ & =) > (ng & >y)) 
line 5: ((¢ V Y) > 7(Ad & 7W)) 
line 8: ((~Y > (“mọ & 7) & 7(7d & AY))) > Y) 


45 


46 


(c) Truth tables must be provided. 


@Vy) 7-7 ¢ & > 9) 
Deed eg li ORE Orne 
LO elie al, Oe ale eather) 
Orel hes ale 0 a est 
D- Ov Oi hI Oleh JONI eG 

T 

tautology . 
(E E pE E EE EEN) 
Ae e e r a a TT T A Ol Ierd 
150-0 m 180) a a A. LN 
U pma R a S 1 ET e G A ot: lel 
LOO ne I I Ie A aa Ons Onl aE E a) 1:0 

T 
tautology 


Line 1: With the rules introduced so far, the first line of a proof can 
only be obtained by an application of Assumption Rule; to correct the 
line, replace ‘Taut’ by ‘Ass’. 

Line 2: This is an incorrect use of the Tautology Rule, as 

((¢V Y) —> (@ & y)) is not a tautology. 

Line 3: A tautology has been used but, for a correct use of the 
Tautology Rule, the assumptions in force on line 3 should be those in 
force on line 2, namely assumption 1. 

Line 4: This line is correct. 

Line 5: The wrong formula has been derived. The formula on line 4 
should appear as the consequent of the implication (i.e. after the — 
symbol) on line 5, and the formula on line 1 should appear as the 
antecedent (i.e. before the — symbol). The correct formula derived by 
the Conditional Proof Rule is ((¢ V y) > y). 

Line 6: This line is correct. 


There are many correct proofs. We give two examples. 


From the pattern of what is to be proved, and in particular the position 
of some of the occurrences of —, we see that if we can prove (=~ — 7¢) 
from the assumption (¢ — 7), then a use of the Conditional Proof Rule 
will give a proof of ((¢ = Y) —> (~ —> 7¢)), as follows. 


1) =y) Ass 
1 (2) (-~v--7¢) Taut, 1 
(3) ((% > 4) > (Y > 7¢)) CP, 2 
The tautology used to obtain line 2 is ((¢ > Y) > (~y > 7¢)). 
Equally, a proof of =@ from the assumptions (¢ — Y) and -w can be 


turned into a proof of ((¢ > Y) — (=~ — 7¢@)) by two uses of the 
Conditional Proof Rule, as follows. 


1 (1) (6-4) Ass 
Za 2) =p Ass 

2 (3) ad Taut, 1,2 
1 (4) (4 => 79) CE3 


OEE Eg) CP,4 
The tautology used to obtain line 3 is (((¢ > 4%) & =Y) > =¢). 


4 We note first that if ¢ is a tautology then, for each formula 0, the 
formula (0 — ¢) is also a tautology. For suppose ¢ is a tautology. Then, 
on each row of the truth table for (0 > ¢), ¢ gets the value 1. We see 
from the truth table for — that it follows that (0 — ¢) also gets the 
value 1 on each row, and hence it is a tautology. 


It follows that, if @ is a tautology, we can use the Tautology Rule to 
derive ¢ from 0, whichever formula we choose for 0. If 6 can be derived 
using no assumptions, then in this way we get a derivation of ¢ using 
no assumptions. Thus we can use for @ any formula which can be 
derived using no assumptions. 


The following is a simple schematic proof that makes use of this idea. 


Lesa tle) emer Ass 
(2) (¢>¢) CP,1 
(3) @ Taut, 2 


The formula (¢ — ¢) plays the role of 8 in the above discussion. 


Section 2 


1 (a) Vy(at(y+2) =t—- 2! = (t-z)) 
The bound occurrences of variables are underlined. 


(b) All the occurrences of variables are bound. Thus the formula is a 
sentence. 


C) VESEN dy (x + y) = t) 
Again we have underlined the bound occurrences of the variables. 
2 (a) The formula that results from substituting the term (x - t) for the 
free occurrences of x is 
Vy (3t (y + (z -t)) =t > (z -t)' = (t - z)) 
íi 
bound 


The term may not be freely substituted for z as a new bound 
variable is introduced. 


— 
o 
x~ 


As there are no free occurrences of x, the formula is unchanged. 
Thus the term may be freely substituted. See the solution to Problem 2.3(d). 


(c) The formula that results from substituting the term (x - t) for the 
free occurrences of x is 
(Va dta’ =t V dy ((x-t) + y) =t). 


The term may be freely substituted for z. 


1 (1) VaVy(a+y)=(y+2) Ass 
1 (2) VWy(e+y)=(y+2)  UE,1 
1 (3) («+0)=(0+2) UE, 2 
1 (4) Va(e#+0)=(0+2) UI,3 
Note that we cannot use the UE Rule to go directly from line 1 to 
line 4, since the UE Rule enables us only to eliminate a universal 


quantifier that occurs at the beginning of a formula. So we cannot 
immediately eliminate the quantifier Vy from the formula on line 1. 


47 


4 1 (1) W(@—-y) Ass 
1 (2) (¢>%)  UE,1 
IO ae Ass 
ES (4) we Taut, 2,3 
L3 (5) Woy UI, 4 
1 (6) (—YWwy) CP,5 
Thus 
Vu ( > Y) F ($ => Woy) 
provided the variable v does not occur freely in ¢. 
The condition that v does not occur freely in ¢ is needed to derive 
line 5, because the application of the UI Rule to the formula on line 4 
requires that v does not occur freely in any of the assumptions in force 
on line 4, and ¢ is one of these. 
5 1 (1) Ww(ọ— y) Ass 
2 (2) Ww(y—0) Ass 
1 (3) (7%)  UE,1 
2 (4) (b- 8) UE, 2 
1,2 (5) (¢- 8) Taut, 3, 4 
1,2 (6) W(¢-86) UI,5 
Section 3 
1 1 (1) W(¢—- yw) Ass 
2 (2) Ave Ass 
3 -(3) @ Ass 
1 (4) (¢>%)  UE,1 
sy. (Gy) at Taut, 3, 4 
TDiea (6) ea EH, 5 
1 (7) (Av@g—y) CP,6 
The condition that v does not occur freely in w (the formula on line 5) 
is needed to justify the use of the EH Rule to obtain line 6. 
2 1 (1) Ww(0— y) Ass 
1 (2) (0—4) UE, 1 
3 (S ails, Ass 
1 (4) (0 — (0 — %)) Taut, 2 
5 (5) @ Ass 
1,5 (6) (0—4) Taut, 4,5 
1,5 (7) w(0— y) EI,6 
1,3 (8) Av(@—y) EH, 7 
1 (9) (vð — w (0 — y)) CP,8 
3 The mistake is in the use of the EH Rule on line 7. In general, the 


48 


variable v will have free occurrences in the formula w. This formula is 
used as an additional assumption on line 6. So the use of the EH Rule 
to derive line 7 is not legitimate. (On the other hand, there is nothing 
wrong with the use of the EH Rule on line 8, since in this case the 
additional assumption on which line 7 depends, that is, the formula 
Jw ¢, does not contain any free occurrences of the variable v.) 


0) arr =H Ass 
Cr e Ass 
(3) ayy=0 EL2 
(4) dyy=0 EH,3 


=. N N e 


Let ~ and ¢ both be the formula v = 0’, which contains a free 
occurrence of v. Then trivially ~ is a logical consequence of ¢, as they 
are the same formula. But w is not a logical consequence of Iv ¢. For 
instance, take the standard interpretation .” and give any free 
occurrences of v the value 3. Then Jv v = 0’ is true (as the occurrence 
of v in this formula is not free, and the formula is true as there is 
indeed a number in N equal to the successor of 0) while v = 0’ is false, 
because v is being interpreted by 3 rather than 1. 


Let ¢ be the formula Vy v = y and let 7 be the term y, which is not 
freely substitutable for v in ¢. The formula ¢(7/v) is then Yyy = y, 
which is true in all interpretations. But Sv ¢ is the formula Ju Vy v = y 
which is false in the standard interpretation .”% or indeed in any 
interpretation with a domain consisting of more than one element. 


49 


INDEX 


Ass 9 
CPL 
EH 31 
EI 29 
Taut 10 
UE 23 
UL 24 


o(r/v) 20 
1, par r PREY 26 
me Ae 


assertion 8 
Assumption Rule 9 
assumptions in force 7 


bound occurrence 17 
bound variable 17 


Conditional Proof Rule 11 


depends 7 

derivation 4 

derive 4 

dummy variable 17, 19 


existential formula 28 
Existential Hypothesis Rule 31 
Existential Quantifier Introduction Rule 29 


50 


formal proof 8 

free occurrence 17 
free substitution 22 
free variable 17 


justification 8 

logical validity 9 
machine checkability 9 
quantifier logic 16 
rule of proof 8 


schematic proof 13 
sentence 19 


Tautology Rule 10 
turnstile symbol 26 


universal formula 24 

Universal Quantifier Elimination Rule 23 
Universal Quantifier Introduction Rule 24 
universal statement 24 


